bumblebee | a4bf015a00dd0c7459f13af3ea194e7d9d3950eb359b614d2f5689e241fec55d | Triage

Sharing

General

Target

b397d94493a37c789647bc3d17fa6920.bin
Size

494KB
Sample

230909-cc635sgg74
MD5

6a39064ef5e4e445cefef920716bc0f6
SHA1

f5bb3be1d353b25b2c3ae289d28442e24716a589
SHA256

a4bf015a00dd0c7459f13af3ea194e7d9d3950eb359b614d2f5689e241fec55d
SHA512

7265c87d948516649760f4db31bafac3de847c4371e92d4f44a0f0c3013731e7e60fcb8adfca7a186472e7a1d5fd9acf01ecef75c2c1e74287184ccb49eb4a74
SSDEEP

12288:kZ9zGYvH6j+5zaRAlB7G7WR9i5m5QtHVz0mGPULS3nC96xSAN6yL:+zJZVaRUtG7a9i5mmnI8LS3C9f2L

Score

10^/10

bumblebee lnk1 trojan

Malware Config

Extracted

Family

bumblebee

Botnet

lnk1

rc4.plain

Targets

- Target
  
  66535813e58e078c4a56c502b6536725080aef5f17abf62f57348a574caccaf5.exe
- Size
  
  594KB
- MD5
  
  b397d94493a37c789647bc3d17fa6920
- SHA1
  
  bd7dabb5c87e9e80160f6da942bfd26849e8494a
- SHA256
  
  66535813e58e078c4a56c502b6536725080aef5f17abf62f57348a574caccaf5
- SHA512
  
  67428108465513a9d2b0f62c18a78e20e2b0204beeedd95a948b8587d8bc4d61371158197754fd61fdffb0648f54a9e884fd4f7a4e0629f30654da8ba0ed11b3
- SSDEEP
  
  12288:zGOWNipODV+gjelTCvc8AtzkvkBFJaC/p5lakvyKmUlZ2j:zGOZYVFjelWkBwv6bp1vcUe
Score

10^/10

bumblebee lnk1 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bumblebeelnk1trojan

behavioral2

bumblebeelnk1trojan