General

  • Target

    e4919447b9ea5c4f02a0746ab64f8e7e.exe

  • Size

    1.1MB

  • Sample

    231014-b3g19sac6x

  • MD5

    e4919447b9ea5c4f02a0746ab64f8e7e

  • SHA1

    bf40844bd9286804351cf1c51ad1f68a26b81d92

  • SHA256

    f583b43851502322a69c67f0f8f3e50f296f397e4bbb50bc646bccca6ee79215

  • SHA512

    97d4138f8f48e62aeb5e03a82adbc6c6b57ffcdf7db33687fef2ed119444070f9a8d531061a5ec21dea41ae7f3aee9fc4068f3382843422054b641fcff8dc12c

  • SSDEEP

    24576:gG95Qu5j6V4TYuVUKXs7U48XoKdtEiQnNst2Ua:gG9TfPUO

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

js1

rc4.plain

Targets

    • Target

      e4919447b9ea5c4f02a0746ab64f8e7e.exe

    Score
    10/10
    • BumbleBee

      BumbleBee is a webshell malware written in C++.

    • Suspicious use of NtCreateThreadExHideFromDebugger
