bumblebee | 9ab0d6171d031459d39df0f341ff3347f17863aa84c80858d17a1e8ed314717b | Triage

Sharing

General

Target

blagh.zip
Size

605KB
Sample

230125-ydvmdsbh2z
MD5

eebae9e3575091d0d9143fe162cbf744
SHA1

467c20107983e62db40f57ff251b43775ecf06cb
SHA256

9ab0d6171d031459d39df0f341ff3347f17863aa84c80858d17a1e8ed314717b
SHA512

214a0918b7e085a2c2560f6c1cdf8c783f7c7f29a974608d83288128b7edaaff3253a924d433a4417013c72cab8d7969218682228968df7f482c87d0bad48ce3
SSDEEP

12288:zRrZ5WiOL65T41/UMjHMf5tQDLz+fBr19kPWIQkZg18FQu55bbjg:zRujL6J4tZA5tQDLSfR15IQkZ9FQujbg

Score

10^/10

bumblebee 0��hsyishsmqu trojan

Malware Config

Extracted

Family

bumblebee

Botnet

0��

rc4.plain

Extracted

Family

bumblebee

Botnet

HsyIsHsmQu

rc4.plain

Targets

- Target
  
  blagh.dll
- Size
  
  1.4MB
- MD5
  
  b011dc11faff355016daf08fcb1abd81
- SHA1
  
  62a58af121db36989be8c8634a1c5734440dd0db
- SHA256
  
  aa5008349701dacf26f887d22cd9ab0dcd9ebcbe1717c4962f62163a4e057239
- SHA512
  
  a62dec7d2eed788e3d851349e2f1b8ba7a2096eb02db43e37704775f52d6de60ac13ca798fb13dc7f869c6d250fcaa80abdcb7774ada40a601b48c272f8d544b
- SSDEEP
  
  24576:uPQwS+0Q1j19uMjeVV3HK6hfz8kzfGMm8Mth+/LVNzv9WKAeqbqgvkC:20619uJVVXK6qmfGMmdt2VhwK7qb3sC
Score

10^/10

bumblebee hsyishsmqu trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

0��bumblebee

behavioral1

bumblebeehsyishsmqutrojan

behavioral2

bumblebeehsyishsmqutrojan