bumblebee | e1dbce8a89b5fea0f3cf6da9560fd573dfe9c93c5d6d8d2fef8902a3589cdf15 | Triage

Sharing

General

Target

a6ac1a8bb63362ed7515f2ca02fb52be.exe
Size

1.1MB
Sample

231014-b3geqscb52
MD5

a6ac1a8bb63362ed7515f2ca02fb52be
SHA1

8781347d2e723f823d5b996bc22389b14a4a72c8
SHA256

e1dbce8a89b5fea0f3cf6da9560fd573dfe9c93c5d6d8d2fef8902a3589cdf15
SHA512

6f01f0a630afff0dd71c5e457c8dbdb3a7743fb6337740384e034dad0d6b3f002992f2df5c953f223f8b2589098c43640b705a25482ed1c939a61b6dd783392d
SSDEEP

24576:K40kaG+iDe5cMQW7v7+KIUC/ofj1fpLgN:K40kd+35cMv

Score

10^/10

bumblebee js1 trojan

Malware Config

Extracted

Family

bumblebee

Botnet

js1

rc4.plain

Targets

- Target
  
  a6ac1a8bb63362ed7515f2ca02fb52be.exe
- Size
  
  1.1MB
- MD5
  
  a6ac1a8bb63362ed7515f2ca02fb52be
- SHA1
  
  8781347d2e723f823d5b996bc22389b14a4a72c8
- SHA256
  
  e1dbce8a89b5fea0f3cf6da9560fd573dfe9c93c5d6d8d2fef8902a3589cdf15
- SHA512
  
  6f01f0a630afff0dd71c5e457c8dbdb3a7743fb6337740384e034dad0d6b3f002992f2df5c953f223f8b2589098c43640b705a25482ed1c939a61b6dd783392d
- SSDEEP
  
  24576:K40kaG+iDe5cMQW7v7+KIUC/ofj1fpLgN:K40kd+35cMv
Score

10^/10

bumblebee js1 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bumblebeejs1trojan

behavioral2

bumblebeejs1trojan