bumblebee | blagh[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

blagh.dll

windows7-x64

blagh.dll

windows10-2004-x64

Sharing

Static task

static1

0��bumblebee

1 signatures

Behavioral task

behavioral1

Sample

blagh.dll

Resource

win7-20220812-en

bumblebee hsyishsmqu trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

blagh.dll

Resource

win10v2004-20220901-en

bumblebee hsyishsmqu trojan

windows10-2004-x64

2 signatures

150 seconds

General

Target

blagh.zip
Size

605KB
MD5

eebae9e3575091d0d9143fe162cbf744
SHA1

467c20107983e62db40f57ff251b43775ecf06cb
SHA256

9ab0d6171d031459d39df0f341ff3347f17863aa84c80858d17a1e8ed314717b
SHA512

214a0918b7e085a2c2560f6c1cdf8c783f7c7f29a974608d83288128b7edaaff3253a924d433a4417013c72cab8d7969218682228968df7f482c87d0bad48ce3
SSDEEP

12288:zRrZ5WiOL65T41/UMjHMf5tQDLz+fBr19kPWIQkZg18FQu55bbjg:zRujL6J4tZA5tQDLSfR15IQkZ9FQujbg

Score

10^/10

0��bumblebee

Malware Config

Extracted

Family

bumblebee

Botnet

0��

rc4.plain

Signatures

Bumblebee family
bumblebee

Files

blagh.zip
.zip

Password: infected
blagh.dll
.dll windows x64

83f847006bcd9e79aedb74fc499583c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shlwapi

StrToIntA
StrChrA
PathFindFileNameW

kernel32

VirtualFree
lstrcpyA
lstrcmpA
lstrcatA
GetProcAddress
FreeLibrary
VirtualAlloc
GetCurrentThread
GetCurrentThreadId
CloseHandle
GetModuleHandleW
VirtualProtectEx
LoadLibraryA
GetModuleHandleA
VirtualQuery
lstrlenA
VirtualQueryEx
GetCurrentProcess
UnmapViewOfFile

Exports

Exports

TeBTYfVzJZub
setPath

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy