General

  • Target

    contribute.dll

  • Size

    2.2MB

  • Sample

    230213-3p2x3age8s

  • MD5

    a719d4ef0765ba845179d9819c37c061

  • SHA1

    9aa9bc1b5707bddcbfbdbf5f8d24e477428d59af

  • SHA256

    05e26546200479529011d3500d17694e8ff14a7acaf1a229c5e28ab13ed22c99

  • SHA512

    237075e8115de5fde24dae339e6ddc3d2540993b8c420f16a8995d63b3b2628f62088c0d4327dd1f98f63d83ed74f9c1fe83ee722db549f53876e65c45f921f0

  • SSDEEP

    49152:jpjKPCexHdaV5UT0PbDTQfWPjgH3/OiU7H1OXQ:jp2qeHdIST0PPTNPjIHU7HEXQ

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

132cc

C2


rc4.plain

Targets

    • Target

      contribute.dll

    • Size

      2.2MB

    Score
    10/10
    • BumbleBee

      BumbleBee is a webshell malware written in C++.

    • Blocklisted process makes network request

    • Suspicious use of NtCreateThreadExHideFromDebugger
