bumblebee | 95a37ee707f673e561f3a8dbb27927f7140b8541c12eb805bf47613adc36b584 | Triage

Resubmissions

30-11-2022 14:23

221130-rqendabf91 10

29-11-2022 07:29

221129-ja8yaaca8y 1

Sharing

General

Target

taxonomy.dll.exe
Size

1.1MB
Sample

221130-rqendabf91
MD5

f8a6948b927d6a0408679fc623994571
SHA1

2246524678f02ca6e76d861f29a6a3642309fafe
SHA256

95a37ee707f673e561f3a8dbb27927f7140b8541c12eb805bf47613adc36b584
SHA512

35bbc85f172b4edbdc13aade1db745c6f991533a9c2754ad2223a0358e078df2ab373c4846cb9e0262f749b7bd6de8d1fdd0eeda670b19acc50408b54cb8fb77
SSDEEP

24576:DYDUU4/rSJXCy6hPKfGjQIr0or/yMSjJfMKAXEek9oHpPF:DYQUE+J0jQc9riYXzn

Score

10^/10

bumblebee 2811 trojan

Malware Config

Extracted

Family

bumblebee

Botnet

2811

C2

108.62.118.70:443

104.219.233.41:443

142.11.199.235:443

rc4.plain

Targets

- Target
  
  taxonomy.dll.exe
- Size
  
  1.1MB
- MD5
  
  f8a6948b927d6a0408679fc623994571
- SHA1
  
  2246524678f02ca6e76d861f29a6a3642309fafe
- SHA256
  
  95a37ee707f673e561f3a8dbb27927f7140b8541c12eb805bf47613adc36b584
- SHA512
  
  35bbc85f172b4edbdc13aade1db745c6f991533a9c2754ad2223a0358e078df2ab373c4846cb9e0262f749b7bd6de8d1fdd0eeda670b19acc50408b54cb8fb77
- SSDEEP
  
  24576:DYDUU4/rSJXCy6hPKfGjQIr0or/yMSjJfMKAXEek9oHpPF:DYQUE+J0jQc9riYXzn
Score

10^/10

bumblebee 2811 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Blocklisted process makes network request
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bumblebee2811trojan

behavioral2

bumblebee2811trojan