bumblebee | 6fed6902e05e825c5c600df452de46736263d58920d32a9346b50c6248384211 | Triage

Submit
Reports

Overview

overview

Static

static

1

1.msi

windows7-x64

7

1.msi

windows10-2004-x64

Sharing

General

Target

1.msi
Size

3.5MB
Sample

230511-g9nehscb39
MD5

e1abe0b693e8ee3df8367caf14f8565c
SHA1

14867c8c4bbcc57efe63a71bfcde4cf832be9b2a
SHA256

6fed6902e05e825c5c600df452de46736263d58920d32a9346b50c6248384211
SHA512

f51b5d36761d9e8443809056c508e43ff668a858c02c81bb95d10cf333af1eac587cbb14e6a3b98b23845aee6d6afa35999cb2540a13846ba0864bc90f2e9be6
SSDEEP

98304:OnokaJXwylk5q30yI43EDhKgn8owQTJK/gQm5z/K:nH753iYgdOTmFK

Score

10^/10

bumblebee kp2704 trojan

Static task

static1

Behavioral task

behavioral1

Sample

1.msi

Resource

win7-20230220-en

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

1.msi

Resource

win10v2004-20230220-en

bumblebee kp2704 trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Extracted

Family

bumblebee

Botnet

kp2704

C2

103.175.16.119:443

146.19.173.76:443

172.93.201.2:443

rc4.plain

Targets

- Target
  
  1.msi
- Size
  
  3.5MB
- MD5
  
  e1abe0b693e8ee3df8367caf14f8565c
- SHA1
  
  14867c8c4bbcc57efe63a71bfcde4cf832be9b2a
- SHA256
  
  6fed6902e05e825c5c600df452de46736263d58920d32a9346b50c6248384211
- SHA512
  
  f51b5d36761d9e8443809056c508e43ff668a858c02c81bb95d10cf333af1eac587cbb14e6a3b98b23845aee6d6afa35999cb2540a13846ba0864bc90f2e9be6
- SSDEEP
  
  98304:OnokaJXwylk5q30yI43EDhKgn8owQTJK/gQm5z/K:nH753iYgdOTmFK
Score

10^/10

bumblebee kp2704 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

bumblebeekp2704trojan

© 2018-2025

Terms | Privacy