General

  • Target

    10406548368.zip

  • Size

    4.5MB

  • MD5

    54b79f46bd6d03fdbac681091aa757de

  • SHA1

    2233f84e1b31bc8daf04e067e614124a96449616

  • SHA256

    46dd9977519866a5e3c0118758eeeaef0bdf235199da78f9021368230e0a90e8

  • SHA512

    36a454e72f642fc176a8f362ab41e78064ca0f678a001c0b83da6e8b886d0fda5c08de4c917f70594c7bc62983e1d8302946c5c3801ee16cca78909537583968

  • SSDEEP

    98304:zzZAliCAuTZ5l3BaJi5s/Ezc96Mnt5d3BxGNTeGhKIgK+/+SHI/1KUt9Yv7plZ:ztQiClZvRt5AEwPr2NTxhKvK+NoJ0v79

Score
10/10

Malware Config

Extracted

Family

bumblebee

rc4.plain
W@std@@

Extracted

Family

bumblebee

Botnet

mc1904

C2

146.70.155.82:443

149.3.170.179:443

103.175.16.150:443

rc4.plain
JSfuURMASs

Signatures

  • Bumblebee family
  • Unsigned PE (3 IoCs)

    Checks for missing Authenticode signature.

Files

  • 10406548368.zip
    .zip

    Password: infected

  • 05aa0587937c153ffbd573c6ba35a446e7c9eae62a39308d6e800e127156c468
    .exe windows x64

    d896fbd44874f6dc349fa19cf7d92573



  • 187754f20558b7d67abb233e84ee14a85ea1791983d87d5a4dfe062799ae3d3c
    .dll windows x64

    7e67bc8966663720e52fe10778f5a917



  • 2d5c9b33ed298f5fb67ce869c74b2f2ec9179a924780da65fcbc1a0e0463c5d0
    .dll windows x64

    83f847006bcd9e79aedb74fc499583c6



  • 35f2ec59313bbe5b78e4b043f06f8961f6f3e77b870544d15ee7cc1fca987d8c
    .exe windows x64

    5a83b775f11fca962faec5d7d036c1c6



  • 9570591e6b867c4f84aa74812957f13bc648ba7d2f1cbff9545005ededcb45f9
    .exe windows x64

    5a83b775f11fca962faec5d7d036c1c6



  • d6fd979020f6dd1d550b08fe33fec962359efe1479fca5a7d4240e9e05540cf0
    .dll windows x64

    2fe2e7082a95cdfb4a2c89d515c31d6e


