bumblebee | 91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

91e43c044f...a2.pdf

windows10-1703-x64

Resubmissions

31/05/2023, 19:16 UTC

230531-xy7a9aah8y 10

21/05/2023, 20:02 UTC

230521-yr4gfsfa6w 10

Sharing

General

Target

91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2
Size

102KB
Sample

230531-xy7a9aah8y
MD5

323ee7e3d79671befe72fe6f79f0f6b3
SHA1

2442ca895275f9a4bda44c18273ad6b8d6815780
SHA256

91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2
SHA512

c82c927a0eb4414acd827d071e0c4af3f0128e454e2fc40ecef68dcb36b0c129fd6a53925841ad30c2baad3b75a23d49e63526fd398dfb51c610b29e736792e9
SSDEEP

1536:0vxQOx1paEAUHpWKOUuH7v+B1tGRnr/spRre0pRI3dz+3WTzuS1/GJJ5zUpxc8+q:01J97O7v+B1tGRr/KRy3x+3z7H8AK

Score

10^/10

bumblebee 21maca link pdf trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2.pdf

Resource

win10-20230220-en

bumblebee 21maca trojan

windows10-1703-x64

17 signatures

150 seconds

Malware Config

Extracted

Family

bumblebee

Botnet

21maca

C2

108.62.141.20:443

104.168.140.145:443

51.68.145.171:443

108.62.118.170:443

192.119.72.133:443

23.108.57.201:443

rc4.plain

1
XNgHUGLrCD

Targets

- Target
  
  91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2
- Size
  
  102KB
- MD5
  
  323ee7e3d79671befe72fe6f79f0f6b3
- SHA1
  
  2442ca895275f9a4bda44c18273ad6b8d6815780
- SHA256
  
  91e43c044fdcad13a25d772b91065f78ac7a809a57ace84a4606c4c3e92afaa2
- SHA512
  
  c82c927a0eb4414acd827d071e0c4af3f0128e454e2fc40ecef68dcb36b0c129fd6a53925841ad30c2baad3b75a23d49e63526fd398dfb51c610b29e736792e9
- SSDEEP
  
  1536:0vxQOx1paEAUHpWKOUuH7v+B1tGRnr/spRre0pRI3dz+3WTzuS1/GJJ5zUpxc8+q:01J97O7v+B1tGRr/KRy3x+3z7H8AK
Score

10^/10

bumblebee 21maca trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Executes dropped EXE
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bumblebee21macatrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.