bumblebee | 7167f7e569a3fbae0a6ae3dbc460e3b8c885acb431f25b2d3eea22f7cab4f619 | Triage

Sharing

General

Target

b9a6e994e4940b9483abc3e009840bc1.bin
Size

495KB
Sample

230909-cga69sgg85
MD5

d94b2671f4181573830d0551deacd1ea
SHA1

8c23a5dd37310364919a21fc5869a78b1eeb3175
SHA256

7167f7e569a3fbae0a6ae3dbc460e3b8c885acb431f25b2d3eea22f7cab4f619
SHA512

0fb9c964f97672fa24b461b3cb4dd1c282c7ca2321d0d626ac2ee79361069afc7aa00fb60e17314f4e5e1d788f2cd96cec4c7746312bec5ac93ed9b289eddc65
SSDEEP

12288:Nmlg6P8auW+1d/HgaRU9LhZekt9rK9dxRzDH2Yk/RKykULGwh:NmL0jdbH5S9LX/rGPzXH2Yk/RKykULrh

Score

10^/10

bumblebee lnk1 trojan

Malware Config

Extracted

Family

bumblebee

Botnet

lnk1

rc4.plain

Targets

- Target
  
  5024340aa9e2f35324e9355d1aa1ea31c3fe8a2aed1b91f6bd718b77fb35adaa.exe
- Size
  
  592KB
- MD5
  
  b9a6e994e4940b9483abc3e009840bc1
- SHA1
  
  83c5604d5ef86da78460729a67880091255c91aa
- SHA256
  
  5024340aa9e2f35324e9355d1aa1ea31c3fe8a2aed1b91f6bd718b77fb35adaa
- SHA512
  
  6404d592a8fb06b09b784d770509892195f8032c48a7d63973e35f172ff0908cb2a465b23e370b3f7bf8c58708be991efc4e8b46d4cf74cfb65fe44c9e43af1a
- SSDEEP
  
  12288:tNWJji5RsUeSc7olo68+4Dorb9JIGGnPGo6RRCKEd:UclLlFt4Erbbu6RRCKE
Score

10^/10

bumblebee lnk1 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bumblebeelnk1trojan

behavioral2

bumblebeelnk1trojan