bumblebee | 8e04a2048e545d0faaf5d1e1c995c7b9529751e378b75c41f80c6682bd84e5aa | Triage

Sharing

General

Target

hk1c9y18em.dll
Size

1.1MB
Sample

231014-b93xbacd97
MD5

b7c42a2f6443f7efb2f005b05040a40a
SHA1

66e3ecc673fbb77c697a3b178a7458617de3d227
SHA256

8e04a2048e545d0faaf5d1e1c995c7b9529751e378b75c41f80c6682bd84e5aa
SHA512

fb802bb1fbffdadc38d0bf373a868deaa03a701d079715f3261f68e7c8f77881134f4bc8154bc68b8688d2f3711e6a6c382f0e64929c9bd1715ff2aee2b49aef
SSDEEP

24576:E40kaG+iDe5cMQW7v7+KIUC/ofj1fpLgN:E40kd+35cMv

Score

10^/10

bumblebee js1 trojan

Malware Config

Extracted

Family

bumblebee

Botnet

js1

rc4.plain

Targets

- Target
  
  hk1c9y18em.dll
- Size
  
  1.1MB
- MD5
  
  b7c42a2f6443f7efb2f005b05040a40a
- SHA1
  
  66e3ecc673fbb77c697a3b178a7458617de3d227
- SHA256
  
  8e04a2048e545d0faaf5d1e1c995c7b9529751e378b75c41f80c6682bd84e5aa
- SHA512
  
  fb802bb1fbffdadc38d0bf373a868deaa03a701d079715f3261f68e7c8f77881134f4bc8154bc68b8688d2f3711e6a6c382f0e64929c9bd1715ff2aee2b49aef
- SSDEEP
  
  24576:E40kaG+iDe5cMQW7v7+KIUC/ofj1fpLgN:E40kd+35cMv
Score

10^/10

bumblebee js1 trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bumblebeejs1trojan

behavioral2

bumblebeejs1trojan