Overview

overview

10

Static

static

1

inst5.exe

windows7-x64

10

inst5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    inst5.exe

  • Size

    1.6MB

  • Sample

    230405-jcdj6acd44

  • MD5

    e8b42b455ad5c4d250dd4fd42b227fc4

  • SHA1

    b1407fe42481ab0a707bb2cb161ebdc00c55c513

  • SHA256

    9570591e6b867c4f84aa74812957f13bc648ba7d2f1cbff9545005ededcb45f9

  • SHA512

    821cdbad69ecdf13293b88ec89252503dc67c874f5b34859769cdd37047520ff13f818443aee53a7e8c1793c44f439de2ea0d09a74170ff0020bf0aaab93c4e3

  • SSDEEP

    24576:tCqGvilxnZNLziKkRvfGbc7UxlG5BhC526U2Lo+1f0EN:tCD4Zyxa9lrDZ

Score
10/10
bumblebeeinsttrojan

Malware Config

Extracted

Family

bumblebee

Botnet

inst

C2

37.79.205.12:443

51.83.255.85:443

192.119.81.86:443

23.106.215.141:443

194.15.216.247:443

104.168.244.96:443
rc4.plain

Targets

    • Target

      inst5.exe

    • Size

      1.6MB

    • MD5

      e8b42b455ad5c4d250dd4fd42b227fc4

    • SHA1

      b1407fe42481ab0a707bb2cb161ebdc00c55c513

    • SHA256

      9570591e6b867c4f84aa74812957f13bc648ba7d2f1cbff9545005ededcb45f9

    • SHA512

      821cdbad69ecdf13293b88ec89252503dc67c874f5b34859769cdd37047520ff13f818443aee53a7e8c1793c44f439de2ea0d09a74170ff0020bf0aaab93c4e3

    • SSDEEP

      24576:tCqGvilxnZNLziKkRvfGbc7UxlG5BhC526U2Lo+1f0EN:tCD4Zyxa9lrDZ

    Score
    10/10
    bumblebeeinsttrojan

    • BumbleBee

      BumbleBee is a webshell malware written in C++.

      trojanbumblebee

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks