bumblebee | 15b7cb2818530bbf0b55ea608d85df1bd97004a8556a358c11f84dbb93b893f7 | Triage

Resubmissions

11-10-2023 14:40

231011-r1t6tafd89 10

10-10-2023 17:19

231010-vv4pvaeg9s 10

Sharing

General

Target

15b7cb2818530bbf0b55ea608d85df1bd97004a8556a358c11f84dbb93b893f7_JC.exe
Size

894KB
Sample

231011-r1t6tafd89
MD5

a4e4f8966796845079ca6b853fd1899d
SHA1

25906943d58610a2208c9312c555dee7eb16952e
SHA256

15b7cb2818530bbf0b55ea608d85df1bd97004a8556a358c11f84dbb93b893f7
SHA512

22df60f5d457cca829aa86f708d6df492aa8acf794dbaed5bfac06b3f6fcbd7a331139c92465a9e5ec57232b76102b26ba593e527266709fd225ca15a3c3045a
SSDEEP

12288:1hPALJCb+JI7GB5ShQUO3wY6Wpg8qvtN2FCOWPZzMe0n28qX2Y5aIv/86PaeAkYT:1hum+JI/jO3z6WStlFq4Gd66PybS

Score

10^/10

bumblebee lg1010 trojan

Malware Config

Extracted

Family

bumblebee

Botnet

lg1010

rc4.plain

Targets

- Target
  
  15b7cb2818530bbf0b55ea608d85df1bd97004a8556a358c11f84dbb93b893f7_JC.exe
- Size
  
  894KB
- MD5
  
  a4e4f8966796845079ca6b853fd1899d
- SHA1
  
  25906943d58610a2208c9312c555dee7eb16952e
- SHA256
  
  15b7cb2818530bbf0b55ea608d85df1bd97004a8556a358c11f84dbb93b893f7
- SHA512
  
  22df60f5d457cca829aa86f708d6df492aa8acf794dbaed5bfac06b3f6fcbd7a331139c92465a9e5ec57232b76102b26ba593e527266709fd225ca15a3c3045a
- SSDEEP
  
  12288:1hPALJCb+JI7GB5ShQUO3wY6Wpg8qvtN2FCOWPZzMe0n28qX2Y5aIv/86PaeAkYT:1hum+JI/jO3z6WStlFq4Gd66PybS
Score

10^/10

bumblebee lg1010 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bumblebeelg1010trojan

behavioral2

bumblebeelg1010trojan