Overview

overview

10

Static

static

3

91e43c044f...a2.pdf

windows7-x64

1

91e43c044f...a2.pdf

windows10-2004-x64

10

Resubmissions

31-05-2023 19:16

230531-xy7a9aah8y 10

21-05-2023 20:02

230521-yr4gfsfa6w 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2

  • Size

    102KB

  • Sample

    230521-yr4gfsfa6w

  • MD5

    323ee7e3d79671befe72fe6f79f0f6b3

  • SHA1

    2442ca895275f9a4bda44c18273ad6b8d6815780

  • SHA256

    91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2

  • SHA512

    c82c927a0eb4414acd827d071e0c4af3f0128e454e2fc40ecef68dcb36b0c129fd6a53925841ad30c2baad3b75a23d49e63526fd398dfb51c610b29e736792e9

  • SSDEEP

    1536:0vxQOx1paEAUHpWKOUuH7v+B1tGRnr/spRre0pRI3dz+3WTzuS1/GJJ5zUpxc8+q:01J97O7v+B1tGRr/KRy3x+3z7H8AK

Score
10/10
bumblebee21macalinkpdftrojan

Malware Config

Extracted

Family

bumblebee

Botnet

21maca

C2

108.62.141.20:443

104.168.140.145:443

51.68.145.171:443

108.62.118.170:443

192.119.72.133:443

23.108.57.201:443
rc4.plain

Targets

    • Target

      91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2

    • Size

      102KB

    • MD5

      323ee7e3d79671befe72fe6f79f0f6b3

    • SHA1

      2442ca895275f9a4bda44c18273ad6b8d6815780

    • SHA256

      91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2

    • SHA512

      c82c927a0eb4414acd827d071e0c4af3f0128e454e2fc40ecef68dcb36b0c129fd6a53925841ad30c2baad3b75a23d49e63526fd398dfb51c610b29e736792e9

    • SSDEEP

      1536:0vxQOx1paEAUHpWKOUuH7v+B1tGRnr/spRre0pRI3dz+3WTzuS1/GJJ5zUpxc8+q:01J97O7v+B1tGRr/KRy3x+3z7H8AK

    Score
    10/10
    bumblebee21macatrojan

    • BumbleBee

      BumbleBee is a webshell malware written in C++.

      trojanbumblebee

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks