bumblebee | cb45fc44b2fe203c3825a5ed5342a82288e5517e5d5ed711297abf5a7541e616 | Triage

Submit
Reports

Overview

overview

Static

static

newfile26.xlsm

windows7-x64

1

newfile26.xlsm

windows10-1703-x64

Sharing

General

Target

newfile26.xlsm
Size

55KB
Sample

221109-zh55cscaa3
MD5

fdd4a9c584623083903c0d32c942a784
SHA1

099eb8322a9711337a7dfa224b00a359a4a5aa85
SHA256

cb45fc44b2fe203c3825a5ed5342a82288e5517e5d5ed711297abf5a7541e616
SHA512

95fbf878898be7e0a7d8ff9e770f2086d65cc2dfe7f75427ddc12e2583a7719b32458d5eb0e2c6f2211c71bf04eeb62e85930b97c09ff095f52a1ba953facb65
SSDEEP

768:KtDd/fxWpt1J3S5f3v4Jfa3ODVs3KnooaRHIuZVvDb6fQl2baajQjFH:i5/fxWLC5/wJi3eVsdtLVvKIl2baaiH

Score

10^/10

bumblebee 0411r trojan

Static task

static1

Behavioral task

behavioral1

Sample

newfile26.xlsm

Resource

win7-20220901-en

windows7-x64

7 signatures

1200 seconds

Behavioral task

behavioral2

Sample

newfile26.xlsm

Resource

win10-20220901-en

bumblebee 0411r trojan

windows10-1703-x64

13 signatures

1200 seconds

Malware Config

Extracted

Family

bumblebee

Botnet

0411r

C2

172.86.121.123:443

176.223.165.125:443

45.66.248.216:443

rc4.plain

Targets

- Target
  
  newfile26.xlsm
- Size
  
  55KB
- MD5
  
  fdd4a9c584623083903c0d32c942a784
- SHA1
  
  099eb8322a9711337a7dfa224b00a359a4a5aa85
- SHA256
  
  cb45fc44b2fe203c3825a5ed5342a82288e5517e5d5ed711297abf5a7541e616
- SHA512
  
  95fbf878898be7e0a7d8ff9e770f2086d65cc2dfe7f75427ddc12e2583a7719b32458d5eb0e2c6f2211c71bf04eeb62e85930b97c09ff095f52a1ba953facb65
- SSDEEP
  
  768:KtDd/fxWpt1J3S5f3v4Jfa3ODVs3KnooaRHIuZVvDb6fQl2baajQjFH:i5/fxWLC5/wJi3eVsdtLVvKIl2baaiH
Score

10^/10

bumblebee 0411r trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Downloads MZ/PE file
- Loads dropped DLL
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bumblebee0411rtrojan

© 2018-2025

Terms | Privacy