bumblebee | 3068-1-0x0000000000510000-0x0000000000617000-memory[.]dmp

Sharing

Copy URL

Twitter E-mail

General

Target

3068-1-0x0000000000510000-0x0000000000617000-memory.dmp
Size

1.0MB
MD5

2d05b8c94654c2bee9d207ad3ae6facb
SHA1

00fe111a07492e3aa29c63cf850febf672166f8a
SHA256

2d3b9e1b17db5b79c7956de28c767219f8637524fc4514051e4910943879bde9
SHA512

410885aeed1803b533fb028373dca41151e071934f6f431ffa4e53997a80284cb26f9f9bdb0484e220a807a1e326707bac214e73a6c95fc48a822d8e2a31a879
SSDEEP

24576:oAZBBkpEGCkPwtnyUkJ57pBloRbh3rDjZrWb:8ew6nyUOPloRl/jp0

Score

10^/10

rar0409 bumblebee

Malware Config

Extracted

Family

bumblebee

Botnet

rar0409

Attributes

dga
cmid1s1zeiu.life

itszko2ot5u.life

3v1n35i5kwx.life

newdnq1xnl9.life

jkyj6awt1ao.life

ddrjv6y42b8.life

1pnhp5o5za1.life

y13iqvlfjl5.life

xp0btfgegbo.life

gpv3uw5tmy4.life

5d7rdf3layn.life

2aed6bvquxs.life

5t9oknzu433.life

sy53gmpuq1i.life

09cwff8wgdh.life

4elhq2521mw.life

b4arp834sch.life

s3iug4uiy7t.life

q1cvhi9onpu.life

m3j4htyodnu.life

dzzrhn9rvqa.life

uriqas6zede.life

tv45x1ukt9w.life

9dnuk0xl7yc.life

zro95b8zb3r.life

9da1kshoyuq.life

zph13yx1leo.life

0q6mvuo4wl6.life

nyoqtkpub9x.life

l1bnym8lg65.life

d63hq5crsun.life

f4te7v7fi28.life

oi27t509pny.life

xg2mddk9qrj.life

9uknixukwim.life

5ejt5qpx2oh.life

v9y5rypfhdj.life

aq59tsppo18.life

vdnizm8lcke.life

knof8y1kufn.life

mhwv3bpckbi.life

b4ycw3b0ztx.life

tu0t62osn5m.life

pkgbfa9ati6.life

wd60v3x8mun.life

qpgomg0nfob.life

9619skmuswk.life

10fa4glizbq.life

h9cgsquxt5t.life

cpjeg06jqj7.life

tuaksrh3m4v.life

pnkk456mk55.life

bryfg80da8m.life

4c9takty1zx.life

17afrof66rf.life

keoauupcj2n.life

okxar0c3d29.life

759lhww6ixh.life

br40ztd8bya.life

vdug3t5r2cz.life

6j0uqybrqj4.life

km87l2nqldk.life

d421obfpnmh.life

hsk3pjutatd.life

iudmgiv2ndb.life

vf9bknmns0b.life

325g1cipn4m.life

g3z3h2xzdfv.life

i4hmyqc1p69.life

r967duebyji.life

f83jeqe01vd.life

sbprbiukvhf.life

lc2q21q7nd4.life

co7hu2019oy.life

ue9panfagh0.life

fby66hp7jm0.life

njg6qfp2lfa.life

mb1hy4vi0q7.life

7jemrghylwb.life

yxz60ai05jv.life

v68i3v975xq.life

67xsof7l8ak.life

q886dsegew3.life

16nqnk7hvgs.life

we5x2dfevhn.life

88kwlc3k73o.life

p2xo397h86f.life

njljnzf5c20.life

2g6py8d93tm.life

dz8bw5q6jy2.life

gflfug3a9lb.life

rssaelatar7.life

35l9tvici4l.life

lqhjkq5lfiu.life

3t3qouhmhww.life

fuwisezq1sl.life

ibm2bld58ah.life

h02pknjmc6v.life

enenfxgn3fh.life

zcf8nrpzrqk.life
dga_seed
TEST_SEE
domain_length
11
num_dga_domains
100
port
443

rc4.plain

Signatures

Bumblebee family
bumblebee

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3068-1-0x0000000000510000-0x0000000000617000-memory.dmp

Files

3068-1-0x0000000000510000-0x0000000000617000-memory.dmp
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 632KB - Virtual size: 631KB

.rdata Size: 275KB - Virtual size: 274KB

.data Size: 74KB - Virtual size: 81KB

.pdata Size: 29KB - Virtual size: 28KB

.gfids Size: 2KB - Virtual size: 1KB

.tls Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 632KB - Virtual size: 631KB

.rdata
Size: 275KB - Virtual size: 274KB

.data
Size: 74KB - Virtual size: 81KB

.pdata
Size: 29KB - Virtual size: 28KB

.gfids
Size: 2KB - Virtual size: 1KB

.tls
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 5KB