bumblebee

General

Target

LoaderDLL.bin.exe
Size

1.4MB
Sample

230304-k42azach21
MD5

deea9419fa5187f9f454609d4d173c19
SHA1

81557fb9c53bae28c27ef6120c94c30012b408fa
SHA256

2d5c9b33ed298f5fb67ce869c74b2f2ec9179a924780da65fcbc1a0e0463c5d0
SHA512

373362932236347a7bfc06c86a1aa746cfdacafaf5b5433e368396c69a8e46039044d243cf812a163cfd1ebb796bea7480c2b495c25d7509719703f2b3da33ef
SSDEEP

24576:GJAx41SXU4LG5Vlcz8PBhNbJgwm9CEl9DAvOBddLfl93pb3:g0bG5Vyz8B9gwm95AAdhfD3

Score

10^/10

Malware Config

Extracted

Family

bumblebee

rc4.plain

Extracted

Family

bumblebee

Botnet

202lg

C2

104.168.157.253:443

209.141.40.19:443

107.189.5.17:443

23.254.167.63:443

91.206.178.234:443

146.19.173.86:443

103.175.16.104:443

194.135.33.85:443

173.234.155.246:443

51.68.144.43:443

172.86.120.111:443

160.20.147.242:443

51.75.62.204:443

205.185.113.34:443

194.135.33.184:443

23.82.140.155:443

185.173.34.35:443

rc4.plain

Targets

- Target
  
  LoaderDLL.bin.exe
- Size
  
  1.4MB
- MD5
  
  deea9419fa5187f9f454609d4d173c19
- SHA1
  
  81557fb9c53bae28c27ef6120c94c30012b408fa
- SHA256
  
  2d5c9b33ed298f5fb67ce869c74b2f2ec9179a924780da65fcbc1a0e0463c5d0
- SHA512
  
  373362932236347a7bfc06c86a1aa746cfdacafaf5b5433e368396c69a8e46039044d243cf812a163cfd1ebb796bea7480c2b495c25d7509719703f2b3da33ef
- SSDEEP
  
  24576:GJAx41SXU4LG5Vlcz8PBhNbJgwm9CEl9DAvOBddLfl93pb3:g0bG5Vyz8B9gwm95AAdhfD3
Score

10^/10

bumblebee 202lg trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2