bumblebee | 35f2ec59313bbe5b78e4b043f06f8961f6f3e77b870544d15ee7cc1fca987d8c | Triage

Resubmissions

16-10-2023 02:56

231016-de79nadd75 10

09-10-2023 22:51

231009-2szfnsba43 10

05-04-2023 07:15

230405-h3fxjacc85 10

Sharing

General

Target

inst1.exe
Size

1.6MB
Sample

231016-de79nadd75
MD5

1eb4bd24c3d02a38a333eaeee4b9b49d
SHA1

3c85c03088b07bfcbbe969af0cbdde9bd26e69d8
SHA256

35f2ec59313bbe5b78e4b043f06f8961f6f3e77b870544d15ee7cc1fca987d8c
SHA512

3581aa74972f21bf22191181a9db68ec6db1071b153ee4a40519129b34c6be3cdbe32e3a65d4ad64f20bd224fb2d2f91e72139b250b69a0c80456f80a3c2cff5
SSDEEP

24576:drYB2BBDhQ0uQn65tmj83OA7IBgXOB6ycon/sl3O6mvV4:dhT+fhavA8BIfyF/st

Score

10^/10

bumblebee inst trojan

Malware Config

Extracted

Family

bumblebee

Botnet

inst

C2

194.15.216.247:443

23.106.215.141:443

104.168.244.96:443

51.83.255.85:443

192.119.81.86:443

rc4.plain

Targets

- Target
  
  inst1.exe
- Size
  
  1.6MB
- MD5
  
  1eb4bd24c3d02a38a333eaeee4b9b49d
- SHA1
  
  3c85c03088b07bfcbbe969af0cbdde9bd26e69d8
- SHA256
  
  35f2ec59313bbe5b78e4b043f06f8961f6f3e77b870544d15ee7cc1fca987d8c
- SHA512
  
  3581aa74972f21bf22191181a9db68ec6db1071b153ee4a40519129b34c6be3cdbe32e3a65d4ad64f20bd224fb2d2f91e72139b250b69a0c80456f80a3c2cff5
- SSDEEP
  
  24576:drYB2BBDhQ0uQn65tmj83OA7IBgXOB6ycon/sl3O6mvV4:dhT+fhavA8BIfyF/st
Score

10^/10

bumblebee inst trojan
- BumbleBee
  BumbleBee is a webshell malware written in C++.
  trojan bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

bumblebeeinsttrojan

behavioral2

bumblebeeinsttrojan