bumblebee | 60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3

Resubmissions

17/01/2024, 08:56 UTC

240117-kwahaacahj 10

15/01/2024, 12:37 UTC

240115-ptgk2aggf9 10

09/10/2023, 22:51 UTC

231009-2stkesgh9x 10

05/10/2023, 05:47 UTC

231005-ggwkesah27 10

05/10/2023, 05:33 UTC

231005-f8846agh2v 10

04/10/2023, 19:02 UTC

231004-xp13wagc48 10

04/10/2023, 18:25 UTC

231004-w2lchsdh3z 10

04/10/2023, 18:18 UTC

231004-wxt4vsfg75 10

Analysis

max time kernel
554s
max time network
579s
platform
windows10-1703_x64
resource
win10-20231215-en
resource tags

arch:x64arch:x86image:win10-20231215-enlocale:en-usos:windows10-1703-x64system
submitted
17/01/2024, 08:56 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe
Size

1.1MB
MD5

5f4d6eea465bbfb88b0057dfd9978215
SHA1

7a169f39d864e0d48d0b86209434f5e85b6ecc6e
SHA256

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3
SHA512

331ccfe2d6f7512a8cf1033fb88d0e6d76243a2ec7910c8304aff0828e2b741e1c8b54d4b83aaed08da3ef7f7b485a6119c8fe31ce6429ec3c62dacd64f25d5f
SSDEEP

24576:9DqG4BipGRcqzO7I19YpwQXPRt5atP2xQgy3:9DqFrH6819EhPRt6edc

Score

10^/10

bumblebee is0210 loader

Malware Config

Extracted

Family

bumblebee

Botnet

is0210

Attributes

dga
g7qf7ew5c.life

ibgrlnu1e.life

x5fnzbct1.life

1i2vp7bte.life

dflucrsh8.life

0f8ql4hr8.life

f9ftn74zw.life

nwm76e7b5.life

3hjqyzaex.life

v43qhl0mc.life

6aepjxcgi.life

4tbwu08rg.life

nzz3urf67.life

9xspr6w4a.life

oikdiug9o.life

vajo99879.life

5v7x1sqr4.life

57gqsekdz.life

5v5gciivx.life

33a1wkm3h.life

vt6xqpldf.life

t9lqm51rl.life

p75sz88kk.life

wz9ar8gpv.life

fdx4ra84n.life

nx37k4a6z.life

m8mczdgxv.life

wj7y0l4d9.life

hit0fdgit.life

82c6g5meu.life

v6s2bgwjy.life

axz9lii03.life

mect9esfe.life

63jgu7cc4.life

nvmct2zui.life

q6skdcbss.life

6d0v3982p.life

sdq9dz3el.life

hk7pts8c4.life

unbvfmj8m.life

icfdtd5kg.life

fpfegvuji.life

174nj83w4.life

iaw7acs0l.life

7ckqzdd3x.life

ijm0ed3k1.life

zf2n46wcv.life

lu6ejhqou.life

lwirapl73.life

qfk7wvaqu.life

4qnh6gcgq.life

txhc0jkvz.life

vqdomqhuu.life

pktl8qocp.life

k6151ybqq.life

7tvv8z14g.life

5qqfopla3.life

zrss2lw86.life

nm9t9jnct.life

cug2asazc.life

1lz092j54.life

krte45xa7.life

0jicug6ad.life

ayq1qslr5.life

jhsphzy91.life

yxlzsl1kb.life

6wd61b2x1.life

zuie54mzq.life

wmgficnz5.life

dg89us2b9.life

i36nu9vvk.life

88yyb0y7f.life

kt8167fc5.life

g8aydw1u5.life

iqjlr37zk.life

natsnrf8l.life

531sfiv6v.life

20g7eprtr.life

edr79crfe.life

f7t2o54dj.life

zmb1qz40y.life

7cg9hpaue.life

2kwd5uc8w.life

t3vg6n5hl.life

6g2hzw89g.life

zr36ks33v.life

4tgmylrhp.life

ziaiqy7o3.life

np01ddgsr.life

72p4wtl3w.life

l0085vigo.life

tkka4e7sw.life

dm5h2recb.life

v9mwukcoo.life

xzkqb6n29.life

xn2mvcgaf.life

buvo7auzc.life

ssbrpxmsv.life

5pxs3dote.life

tnol04fti.life
dga_seed
l0210lsk
domain_length
9
num_dga_domains
100
port
443

rc4.plain

1
NEW_BLACK

Signatures

BumbleBee
BumbleBee is a loader malware written in C++.
loader bumblebee

C:\Users\Admin\AppData\Local\Temp\60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe
"C:\Users\Admin\AppData\Local\Temp\60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe"
1⤵
PID:4100

Network

DNS

g7qf7ew5c.life

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe

Remote address:

8.8.8.8:53

Request

g7qf7ew5c.life

IN A

Response

g7qf7ew5c.life

IN A

128.140.53.189
DNS

ibgrlnu1e.life

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe

Remote address:

8.8.8.8:53

Request

ibgrlnu1e.life

IN A

Response

ibgrlnu1e.life

IN A

185.25.51.139
DNS

139.51.25.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.51.25.185.in-addr.arpa

IN PTR

Response

139.51.25.185.in-addr.arpa

IN PTR

8432-40824bacloudinfo
DNS

30.243.111.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

30.243.111.52.in-addr.arpa

IN PTR

Response
DNS

11.179.89.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.179.89.13.in-addr.arpa

IN PTR

Response
DNS

180.178.17.96.in-addr.arpa

Remote address:

8.8.8.8:53

Request

180.178.17.96.in-addr.arpa

IN PTR

Response

180.178.17.96.in-addr.arpa

IN PTR

a96-17-178-180deploystaticakamaitechnologiescom
DNS

178.223.142.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

178.223.142.52.in-addr.arpa

IN PTR

Response

128.140.53.189:443

g7qf7ew5c.life

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe

156 B
3
185.25.51.139:443

ibgrlnu1e.life

https

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe

452 B
252 B
7
6
20.231.121.79:80

46 B
1

8.8.8.8:53

g7qf7ew5c.life

dns

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe

60 B
76 B
1
1

DNS Request

g7qf7ew5c.life

DNS Response

128.140.53.189
8.8.8.8:53

ibgrlnu1e.life

dns

60f4f1cd1eed873c414fb56441a3d76efbb469ee1312b3b73c0534eec1e082d3.exe

60 B
76 B
1
1

DNS Request

ibgrlnu1e.life

DNS Response

185.25.51.139
8.8.8.8:53

139.51.25.185.in-addr.arpa

dns

72 B
109 B
1
1

DNS Request

139.51.25.185.in-addr.arpa
8.8.8.8:53

30.243.111.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

30.243.111.52.in-addr.arpa
8.8.8.8:53

11.179.89.13.in-addr.arpa

dns

71 B
145 B
1
1

DNS Request

11.179.89.13.in-addr.arpa
8.8.8.8:53

180.178.17.96.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

180.178.17.96.in-addr.arpa
8.8.8.8:53

178.223.142.52.in-addr.arpa

dns

73 B
147 B
1
1

DNS Request

178.223.142.52.in-addr.arpa

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4100-0-0x0000017F97690000-0x0000017F97749000-memory.dmp

Filesize
740KB

Download
memory/4100-1-0x0000017F97990000-0x0000017F97A97000-memory.dmp

Filesize
1.0MB

Download
memory/4100-2-0x0000017F97990000-0x0000017F97A97000-memory.dmp

Filesize
1.0MB

Download
memory/4100-3-0x0000017F97990000-0x0000017F97A97000-memory.dmp

Filesize
1.0MB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

DNS Request

DNS Response

DNS Request

DNS Response

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.