General

  • Target

    696-142-0x00000000028C0000-0x0000000002AD8000-memory.dmp

  • Size

    2.1MB

  • MD5

    5295c807c10f1633b5bdc3eaf93b4a23

  • SHA1

    f46f5883cbcf6070bf970cd747156c4673ca4159

  • SHA256

    39d25ae018564c6c2e465a05c6bb33b6b4251c633b4faa558bd5529235c63c6a

  • SHA512

    62211308c746b7f23354b8526ce94403aa4b6bbed795e80764a2bdc3a4defc97aff4d6110fab3ef623ac693dbb9de8cd2691719bf21a7d1da5d59e205ff48e0a

  • SSDEEP

    49152:AEwBRVTf0Tk27H1X06kSm9abZ9Zx/B3/4JAs/Xf0zPJ:VwrL27Dkr63/4u

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

onkomsi2

Attributes
  • dga

    n64c2akw.life

    zefawfb0.life

    dph3pby8.life

    hx0hysyg.life

    1qa3k743.life

    luw8ubf2.life

    rbvsf6io.life

    4huoqrsp.life

    8qwcvseh.life

    37zi55wc.life

    i9f44mju.life

    aqnx9c9h.life

    3nmeg5wa.life

    r5ue5rok.life

    et53yjoc.life

    tvgco82h.life

    0xtmu3tz.life

    6xhpschv.life

    6o26tws0.life

    0oz7923s.life

    54y2q50j.life

    9hh7hq5r.life

    r0ca080m.life

    43vtghfz.life

    qal55els.life

    p5e68m36.life

    x698iah6.life

    kqn0zkig.life

    wq6w8jkq.life

    i6n08gx7.life

  • dga_seed

    anjd78ka

  • domain_length

    8

  • num_dga_domains

    100

  • port

    443

rc4.plain
1
NEW_BLACK

Signatures

  • Bumblebee family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 696-142-0x00000000028C0000-0x0000000002AD8000-memory.dmp
    .dll windows:6 windows x64 arch:x64


    Headers

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.