Overview

overview

10

Static

static

1

Contract_0...37.exe

windows7-x64

10

Contract_0...37.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Contract_02_21_Copy#37.exe

  • Size

    1.4MB

  • Sample

    230222-e17exshh24

  • MD5

    946b646b2fe987dfc85ca9ef74d8ac9d

  • SHA1

    914e3a304d51536619fe321e56fc7314e99581ca

  • SHA256

    e25fce6bc165c88a328f78af52f41d1d019e8b02b1c640faaccfd67f54e8b20d

  • SHA512

    5eb82cd86e4db574b15baf63805fc460a43a0f9c19c39b18759a782ce471a169c48bb61efe885d76e1903f217c148a2ce8e63160365cca0893521aa32891f4d1

  • SSDEEP

    24576:FFLRcfyjesvsR18c7Giwtmk6a525BnKzyNFn/7e:LiYS86p1aQRNRe

Score
10/10
bumblebee21macatrojan

Malware Config

Extracted

Family

bumblebee

Botnet

21maca

C2

108.62.141.20:443

104.168.140.145:443

51.68.145.171:443

108.62.118.170:443

192.119.72.133:443

23.108.57.201:443
rc4.plain

Targets

    • Target

      Contract_02_21_Copy#37.exe

    • Size

      1.4MB

    • MD5

      946b646b2fe987dfc85ca9ef74d8ac9d

    • SHA1

      914e3a304d51536619fe321e56fc7314e99581ca

    • SHA256

      e25fce6bc165c88a328f78af52f41d1d019e8b02b1c640faaccfd67f54e8b20d

    • SHA512

      5eb82cd86e4db574b15baf63805fc460a43a0f9c19c39b18759a782ce471a169c48bb61efe885d76e1903f217c148a2ce8e63160365cca0893521aa32891f4d1

    • SSDEEP

      24576:FFLRcfyjesvsR18c7Giwtmk6a525BnKzyNFn/7e:LiYS86p1aQRNRe

    Score
    10/10
    bumblebee21macatrojan

    • BumbleBee

      BumbleBee is a webshell malware written in C++.

      trojanbumblebee

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks