bumblebee | 2060-1-0x00000000004C0000-0x00000000005C7000-memory[.]dmp

Resubmissions

09-10-2023 22:51

231009-2svsgsgh9y 10

12-09-2023 04:08

230912-eqa9qsdf84 10

Sharing

Copy URL

Twitter E-mail

General

Target

2060-1-0x00000000004C0000-0x00000000005C7000-memory.dmp
Size

1.0MB
MD5

0336bba1aa5ec49e61694b41b2712cec
SHA1

0f4b8e13cf250d53dbad1d8db09a15c087f9fa9c
SHA256

33c9ae695baa09fed6396c0f70cc4ac864ac4992e27f1f29a237f3bb11d9ec73
SHA512

aaa45da7f4ee8462ecf1385e3babf1655c134ecce4b3657cba6e2aac6a610458d4ca4b40fbae3e179995244158eb594b3e029e7310702f020feaf2f3e1ac8419
SSDEEP

24576:tAZBB0pE2CwPwsqqSUZ57pBloB0h3yWjEYWT:pecDqqSOvloBu5jzs

Score

10^/10

lnk1 bumblebee

Malware Config

Extracted

Family

bumblebee

Botnet

lnk1

rc4.plain

Signatures

Bumblebee family
bumblebee

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2060-1-0x00000000004C0000-0x00000000005C7000-memory.dmp

Files

2060-1-0x00000000004C0000-0x00000000005C7000-memory.dmp
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 632KB - Virtual size: 631KB

.rdata Size: 275KB - Virtual size: 274KB

.data Size: 74KB - Virtual size: 81KB

.pdata Size: 29KB - Virtual size: 28KB

.gfids Size: 2KB - Virtual size: 1KB

.tls Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 632KB - Virtual size: 631KB

.rdata
Size: 275KB - Virtual size: 274KB

.data
Size: 74KB - Virtual size: 81KB

.pdata
Size: 29KB - Virtual size: 28KB

.gfids
Size: 2KB - Virtual size: 1KB

.tls
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 5KB