General
-
Target
1700-1-0x0000000000460000-0x0000000000567000-memory.bin
-
Size
1.0MB
-
MD5
92f3a647afa341d865e73ee2a2a820e7
-
SHA1
8b2a8a382e427cba69e05248318a9a40cb92ea9d
-
SHA256
b1bdbfcbb360c4d2fb7999924fd2bed4149a98ef4ee4108ed89eb10e87ca69be
-
SHA512
177d4c5ce01293d4e6f5186820cf4b0e2e57d2d8f63544a6bfac6686ba46aea603b967a5ae2b88418f6a66208e7c04cc2262b0d7226b3cbc89c9d0700e8d5096
-
SSDEEP
24576:tAZBB0pE2CwPwsqqSUZ57pBloB+h3oQjmYWl:pecDqqSOvloBUtjxS
Malware Config
Extracted
bumblebee
lnk1
-
dga
cmid1s1zeiu.life
itszko2ot5u.life
3v1n35i5kwx.life
newdnq1xnl9.life
jkyj6awt1ao.life
ddrjv6y42b8.life
1pnhp5o5za1.life
y13iqvlfjl5.life
xp0btfgegbo.life
gpv3uw5tmy4.life
5d7rdf3layn.life
2aed6bvquxs.life
5t9oknzu433.life
sy53gmpuq1i.life
09cwff8wgdh.life
4elhq2521mw.life
b4arp834sch.life
s3iug4uiy7t.life
q1cvhi9onpu.life
m3j4htyodnu.life
dzzrhn9rvqa.life
uriqas6zede.life
tv45x1ukt9w.life
9dnuk0xl7yc.life
zro95b8zb3r.life
9da1kshoyuq.life
zph13yx1leo.life
0q6mvuo4wl6.life
nyoqtkpub9x.life
l1bnym8lg65.life
d63hq5crsun.life
f4te7v7fi28.life
oi27t509pny.life
xg2mddk9qrj.life
9uknixukwim.life
5ejt5qpx2oh.life
v9y5rypfhdj.life
aq59tsppo18.life
vdnizm8lcke.life
knof8y1kufn.life
mhwv3bpckbi.life
b4ycw3b0ztx.life
tu0t62osn5m.life
pkgbfa9ati6.life
wd60v3x8mun.life
qpgomg0nfob.life
9619skmuswk.life
10fa4glizbq.life
h9cgsquxt5t.life
cpjeg06jqj7.life
tuaksrh3m4v.life
pnkk456mk55.life
bryfg80da8m.life
4c9takty1zx.life
17afrof66rf.life
keoauupcj2n.life
okxar0c3d29.life
759lhww6ixh.life
br40ztd8bya.life
vdug3t5r2cz.life
6j0uqybrqj4.life
km87l2nqldk.life
d421obfpnmh.life
hsk3pjutatd.life
iudmgiv2ndb.life
vf9bknmns0b.life
325g1cipn4m.life
g3z3h2xzdfv.life
i4hmyqc1p69.life
r967duebyji.life
f83jeqe01vd.life
sbprbiukvhf.life
lc2q21q7nd4.life
co7hu2019oy.life
ue9panfagh0.life
fby66hp7jm0.life
njg6qfp2lfa.life
mb1hy4vi0q7.life
7jemrghylwb.life
yxz60ai05jv.life
v68i3v975xq.life
67xsof7l8ak.life
q886dsegew3.life
16nqnk7hvgs.life
we5x2dfevhn.life
88kwlc3k73o.life
p2xo397h86f.life
njljnzf5c20.life
2g6py8d93tm.life
dz8bw5q6jy2.life
gflfug3a9lb.life
rssaelatar7.life
35l9tvici4l.life
lqhjkq5lfiu.life
3t3qouhmhww.life
fuwisezq1sl.life
ibm2bld58ah.life
h02pknjmc6v.life
enenfxgn3fh.life
zcf8nrpzrqk.life
-
dga_seed
TEST_SEE
-
domain_length
11
-
num_dga_domains
100
-
port
443
Signatures
-
Bumblebee family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1700-1-0x0000000000460000-0x0000000000567000-memory.bin
Files
-
1700-1-0x0000000000460000-0x0000000000567000-memory.bin.exe windows:6 windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 632KB - Virtual size: 631KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 275KB - Virtual size: 274KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 74KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 29KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ