General

  • Target

    SecuriteInfo.com.Win64.InjectorX-gen.3183.32393.exe

  • Size

    1.1MB

  • Sample

    230914-nzkzzabg3y

  • MD5

    3a96a42f6d6334a36d2ea26abb0a2c95

  • SHA1

    d88496edc6ed76072d656f68c3bd845bc823e442

  • SHA256

    131cee43a6f14bd9133246e87828275c30b2ad9d3036b4fcd4a08001903fa7e7

  • SHA512

    1dc98be046c80e65e028fac53340e90397c0aca7fdb33b9fa22f7e9ca2e6947b86170d0660fd2a391569959661b3e4634a925a16f4d2a4edcd4beb0dfa302ca1

  • SSDEEP

    12288:VOQRLO3Bp/U4uxkfRZ2qKoWep2F0D02lHoSrcrb+OArPFJz9N4xvYb8:VOQR63XMxkpkqKZ+e0Z8uprPrf4xQo

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

js1

rc4.plain

Targets

    • Target

      SecuriteInfo.com.Win64.InjectorX-gen.3183.32393.exe

    • Size

      1.1MB

    • MD5

      3a96a42f6d6334a36d2ea26abb0a2c95

    • SHA1

      d88496edc6ed76072d656f68c3bd845bc823e442

    • SHA256

      131cee43a6f14bd9133246e87828275c30b2ad9d3036b4fcd4a08001903fa7e7

    • SHA512

      1dc98be046c80e65e028fac53340e90397c0aca7fdb33b9fa22f7e9ca2e6947b86170d0660fd2a391569959661b3e4634a925a16f4d2a4edcd4beb0dfa302ca1

    • SSDEEP

      12288:VOQRLO3Bp/U4uxkfRZ2qKoWep2F0D02lHoSrcrb+OArPFJz9N4xvYb8:VOQR63XMxkpkqKZ+e0Z8uprPrf4xQo

    Score
    10/10
    • BumbleBee

      BumbleBee is a webshell malware written in C++.

    • Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Matrix

Tasks