Extracted

• • Target

    IN(11)-9-12-2023_639663.vbs

  • Size

    1KB

  • MD5

    8cd1c23782729f7b13e3132032059e51

  • SHA1

    7a32b8a787374840daeea67c1961085546820cb5

  • SHA256

    b820d64062d79bda89ff168acff318a14a4a0e8a06b69b074452e738ba6d485c

  • SHA512

    b7b95148b05713a80ba72b2e1343f12f713734280d54bc69cb1c653710bfad708459c8a9e102d2446cd38e220caff51b634bc012459df57294282e888677de17

  Score

  10^/10

  bumblebeejs1trojan

  • BumbleBee

    BumbleBee is a webshell malware written in C++.

    trojanbumblebee

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Suspicious use of NtCreateThreadExHideFromDebugger

  behavioral1behavioral2