Behavioral task
behavioral1
Sample
2124-2-0x0000000002040000-0x000000000214A000-memory.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
2124-2-0x0000000002040000-0x000000000214A000-memory.dll
Resource
win10v2004-20230915-en
General
-
Target
2124-2-0x0000000002040000-0x000000000214A000-memory.dmp
-
Size
1.0MB
-
MD5
739bf9f9eedacd05d744c7f06ecac1f8
-
SHA1
99278e483c59a53b2055be313a1699469442b917
-
SHA256
344426cf727a69cd603ca64e4134d7881c45b1cee487a0461a9f0fe8ea92f52d
-
SHA512
22d46ee35062a77ecb1684af9f39dfe077272ea09ae103c5d10a1bfdc1dd2e9428137212f78d133a5e977351d43efc58194f1160513741b36e6add74d879fab9
-
SSDEEP
24576:9AZB4t8R+kvF+YcjkxL9Zx/NLkaZpLrPFRh3X6jtIWO:6vF+Ycw59Zx/NzrLrPd6jtIV
Malware Config
Extracted
bumblebee
js1
Signatures
-
Bumblebee family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2124-2-0x0000000002040000-0x000000000214A000-memory.dmp
Files
-
2124-2-0x0000000002040000-0x000000000214A000-memory.dmp.dll windows:6 windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Sections
.text Size: 634KB - Virtual size: 634KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 286KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 74KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ