Overview

overview

10

Static

static

3

SecuriteIn...93.dll

windows7-x64

10

SecuriteIn...93.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    139s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-10-2023 01:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Win64.InjectorX-gen.3183.32393.dll

  • Size

    1.1MB

  • MD5

    3a96a42f6d6334a36d2ea26abb0a2c95

  • SHA1

    d88496edc6ed76072d656f68c3bd845bc823e442

  • SHA256

    131cee43a6f14bd9133246e87828275c30b2ad9d3036b4fcd4a08001903fa7e7

  • SHA512

    1dc98be046c80e65e028fac53340e90397c0aca7fdb33b9fa22f7e9ca2e6947b86170d0660fd2a391569959661b3e4634a925a16f4d2a4edcd4beb0dfa302ca1

  • SSDEEP

    12288:VOQRLO3Bp/U4uxkfRZ2qKoWep2F0D02lHoSrcrb+OArPFJz9N4xvYb8:VOQR63XMxkpkqKZ+e0Z8uprPrf4xQo

Score
10/10
bumblebeejs1trojan

Malware Config

Extracted

Family

bumblebee

Botnet

js1

rc4.plain

Signatures

  • BumbleBee

    BumbleBee is a webshell malware written in C++.

    trojanbumblebee
  • Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Win64.InjectorX-gen.3183.32393.dll
    1⤵
    • Suspicious use of NtCreateThreadExHideFromDebugger
    PID:4716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4716-0-0x00000000029F0000-0x0000000002A69000-memory.dmp

    Filesize

    484KB

    Download

  • memory/4716-2-0x00007FFF70330000-0x00007FFF70525000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4716-3-0x00007FFF70330000-0x00007FFF70525000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4716-4-0x0000000002C30000-0x0000000002D3A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4716-1-0x0000000002C30000-0x0000000002D3A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4716-5-0x0000000002C30000-0x0000000002D3A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4716-6-0x0000000002C30000-0x0000000002D3A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4716-7-0x00000000029F0000-0x0000000002A69000-memory.dmp

    Filesize

    484KB

    Download

  • memory/4716-8-0x00007FFF70330000-0x00007FFF70525000-memory.dmp

    Filesize

    2.0MB

    Download