General

  • Target

    a6ac1a8bb63362ed7515f2ca02fb52be.exe

  • Size

    1.1MB

  • Sample

    230914-kr6pxsag7v

  • MD5

    a6ac1a8bb63362ed7515f2ca02fb52be

  • SHA1

    8781347d2e723f823d5b996bc22389b14a4a72c8

  • SHA256

    e1dbce8a89b5fea0f3cf6da9560fd573dfe9c93c5d6d8d2fef8902a3589cdf15

  • SHA512

    6f01f0a630afff0dd71c5e457c8dbdb3a7743fb6337740384e034dad0d6b3f002992f2df5c953f223f8b2589098c43640b705a25482ed1c939a61b6dd783392d

  • SSDEEP

    24576:K40kaG+iDe5cMQW7v7+KIUC/ofj1fpLgN:K40kd+35cMv

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

js1

rc4.plain
1
NEW_BLACK

Targets

    • Target

      a6ac1a8bb63362ed7515f2ca02fb52be.exe

    • Size

      1.1MB

    Score
    10/10
    • BumbleBee

      BumbleBee is a webshell malware written in C++.

    • Drops file in System32 directory

    • Suspicious use of NtCreateThreadExHideFromDebugger
