bumblebee | 2040-1-0x0000000000490000-0x0000000000597000-memory[.]dmp

Resubmissions

09-10-2023 22:51

231009-2sxl3sba38 10

31-08-2023 22:13

230831-15h4sabb39 10

Sharing

Copy URL

Twitter E-mail

General

Target

2040-1-0x0000000000490000-0x0000000000597000-memory.dmp
Size

1.0MB
MD5

c5cc2565b8f644af3fd06b655fef9e01
SHA1

ce927a3d5fac1a465eb9ad65a40450a863c964cf
SHA256

5f9bdfccbab05f35ab566cca2140d693801d4d0ae3d9f9f8fd0c67991318fe36
SHA512

8fc723b391688da0b57bbf0ec161cd057f6d8238660e0519c2247268b13f4f4b2b8e402f1fbccc3ea7202513aa4a4c007172684d47aeb1a0539ee9973aea3f75
SSDEEP

24576:oAZBBkpEGCkPwtnyUkJ57pBloRsh3T7jhrWq:8ew6nyUOPloRmfjRx

Score

10^/10

rar28 bumblebee

Malware Config

Extracted

Family

bumblebee

Botnet

rar28

rc4.plain

Signatures

Bumblebee family
bumblebee

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2040-1-0x0000000000490000-0x0000000000597000-memory.dmp

Files

2040-1-0x0000000000490000-0x0000000000597000-memory.dmp
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 632KB - Virtual size: 631KB

.rdata Size: 275KB - Virtual size: 274KB

.data Size: 74KB - Virtual size: 81KB

.pdata Size: 29KB - Virtual size: 28KB

.gfids Size: 2KB - Virtual size: 1KB

.tls Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 632KB - Virtual size: 631KB

.rdata
Size: 275KB - Virtual size: 274KB

.data
Size: 74KB - Virtual size: 81KB

.pdata
Size: 29KB - Virtual size: 28KB

.gfids
Size: 2KB - Virtual size: 1KB

.tls
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 5KB