bumblebee | e714557aa665651045795c747d9b0faec60863c27edd579c7d6ed75bb33b94f1 | Triage

Resubmissions

23-02-2024 09:54

240223-lw8whsfa37 10

18-01-2024 17:02

240118-vj468sedd7 10

17-01-2024 08:56

240117-kv7fmacagr 10

13-09-2023 20:10

230913-yx26ksef8w 10

Sharing

General

Target

name.dll
Size

1.1MB
Sample

230913-yx26ksef8w
MD5

ff519023357a9cc5bb731d798de2f6b6
SHA1

c14545a2d261647012a825e77af3a52fbc2cbc4d
SHA256

e714557aa665651045795c747d9b0faec60863c27edd579c7d6ed75bb33b94f1
SHA512

daddc936416b6ff42bdc47ea50b9b7e0acdaa202f46f75e8a14422c5254eb9a23918bd42ea6131503692045cbedf66373429c9c3cd07286c649f2a04801df1c0
SSDEEP

24576:Zf4/h/FsE6r+XMKFo6hFWHWhw7a9LfMtJ3JCI:J4/hNsEiKK

Score

10^/10

bumblebee js1 trojan

Malware Config

Extracted

Family

bumblebee

Botnet

js1

rc4.plain

Targets

- Target
  
  name.dll
- Size
  
  1.1MB
- MD5
  
  ff519023357a9cc5bb731d798de2f6b6
- SHA1
  
  c14545a2d261647012a825e77af3a52fbc2cbc4d
- SHA256
  
  e714557aa665651045795c747d9b0faec60863c27edd579c7d6ed75bb33b94f1
- SHA512
  
  daddc936416b6ff42bdc47ea50b9b7e0acdaa202f46f75e8a14422c5254eb9a23918bd42ea6131503692045cbedf66373429c9c3cd07286c649f2a04801df1c0
- SSDEEP
  
  24576:Zf4/h/FsE6r+XMKFo6hFWHWhw7a9LfMtJ3JCI:J4/hNsEiKK
Score

10^/10

bumblebee js1 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bumblebeejs1trojan

behavioral2

bumblebeejs1trojan

behavioral3

bumblebeejs1trojan