bumblebee

General

Target

https://firebasestorage.googleapis.com/v0/b/fast-chess-377621.appspot.com/o/gfFgJeCLUZ%2FContract_02_21_Copy%2342.zip?alt=media&token=3daa6558-25fc-4957-9b8c-fc3746ad0eba
Sample

230222-w4svdach36

Score

10^/10

Malware Config

Extracted

Family

bumblebee

Botnet

21maca

C2

108.62.141.20:443

104.168.140.145:443

51.68.145.171:443

108.62.118.170:443

192.119.72.133:443

23.108.57.201:443

rc4.plain

Targets

- Target
  
  https://firebasestorage.googleapis.com/v0/b/fast-chess-377621.appspot.com/o/gfFgJeCLUZ%2FContract_02_21_Copy%2342.zip?alt=media&token=3daa6558-25fc-4957-9b8c-fc3746ad0eba
Score

10^/10

bumblebee 21maca trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks

static1

urlscan1

behavioral1

behavioral2