Resubmissions

27-10-2023 12:27

231027-pmsdysfh62 10

16-10-2023 02:37

231016-c4mhtadd45 10

General

  • Target

    15b7cb2818530bbf0b55ea608d85df1bd97004a8556a358c11f84dbb93b893f7

  • Size

    894KB

  • Sample

    231027-pmsdysfh62

  • MD5

    a4e4f8966796845079ca6b853fd1899d

  • SHA1

    25906943d58610a2208c9312c555dee7eb16952e

  • SHA256

    15b7cb2818530bbf0b55ea608d85df1bd97004a8556a358c11f84dbb93b893f7

  • SHA512

    22df60f5d457cca829aa86f708d6df492aa8acf794dbaed5bfac06b3f6fcbd7a331139c92465a9e5ec57232b76102b26ba593e527266709fd225ca15a3c3045a

  • SSDEEP

    12288:1hPALJCb+JI7GB5ShQUO3wY6Wpg8qvtN2FCOWPZzMe0n28qX2Y5aIv/86PaeAkYT:1hum+JI/jO3z6WStlFq4Gd66PybS

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

lg1010

Attributes
  • dga

  • dga_seed

    l0210lsk

  • domain_length

    9

  • num_dga_domains

    100

  • port

    443

rc4.plain
1
NEW_BLACK

Targets

    Score
    10/10
    • BumbleBee

      BumbleBee is a loader malware written in C++.

    • Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Matrix

Tasks
