bumblebee

General

Target

ejPdcnFXXZOoQTj-TW6_TrBo7oNVXK3lBetshNSl8wI.bin
Size

1.2MB
Sample

240208-1q8e5ada57
MD5

94a0d511f19ea13989a75e87cc97039d
SHA1

d3ebd6b61527cdb789fe25526313097d3bc8aa14
SHA256

7a33dd7271575d93a84138ff4d6ebe4eb068ee83555cade505eb6c84d4a5f302
SHA512

4a39b441ed9218b4c0f52952d0a4a835a5040fa7d04f8aa69af76eb3a875fc8f1d05adc6209a2a0b60d8d181c930f5948e45068bc5eaf4a5448e1858a4585591
SSDEEP

24576:ts2AGIbr4GoUOlzscb1GsMag8Smx1ZyLko0CI5ypSNfMnITj6GmwRmshM/9YOm+q:qpn4GoUkgcbRMJBpL90CI5ysNfMI5mK5

Score

10^/10

Malware Config

Extracted

Family

bumblebee

Botnet

dcc3

Attributes

dga
vg7uaic3.life

9rzeyw6d.life

gaiuzmjh.life

fjtwh7ez.life

b7v0h14g.life

25utqefr.life

racgyvid.life

hocj7ez7.life

0yznun55.life

fcl2tw80.life

g4ggjukx.life

u3zvhegy.life

n6s0rru2.life

myskwtvz.life

es4xrlbf.life

rm0vgyz1.life

mkt3shgr.life

uj1lqdzb.life

wdxn08y6.life

xwcetuq6.life

7v3pqzur.life

z4u0pw7m.life

akzuglxg.life

0hb72lv4.life

qo725zwl.life

h5hyssny.life

dwdgv8ey.life

r1vp426o.life

s68s3bdd.life

r4x6iy6x.life

accq42df.life

z15hvoz2.life

idqrdhpg.life

sx3i8jmk.life

g7on0c47.life

d0paetq1.life

jtyk5gdq.life

wiw2pzow.life

f94vimcc.life

ztlkhvae.life

2m420uuq.life

18nf94hr.life

mc255438.life

4qrr6ij0.life

ql5hk4dj.life

b0wknuvv.life

c8o1xb3q.life

x1268u29.life

22km13qy.life

fjtg4l8d.life

12jawwzi.life

bnevdx61.life

fmeojv6b.life

frm6u0r1.life

acuaw2q0.life

i8kyugpr.life

zo2epezl.life

y7px5b06.life

x3h1ahco.life

y3v1d1vu.life

tmzcoebw.life

t5me2n7i.life

u45wcqn7.life

thde5hd5.life

56snpngr.life

orc3zq3c.life

ecdb0x3j.life

1330r5tl.life

ymxcwnjs.life

4eo14u97.life

dza0z859.life

gvwgb5nw.life

0be6z82a.life

qz0pzkv1.life

ig4xohtj.life

rtnzmwv0.life

x9e2x6a2.life

wvxatase.life

5zime47c.life

o0r9qsit.life

x2h84q1y.life

5s9j4ij0.life

rqmbst2l.life

widcqm70.life

kkrmo7k8.life

lni114wn.life

w9inw8u1.life

qpxq51gq.life

2r5pct64.life

2x5sidtj.life

61oankru.life

n1iq0gkh.life

g27j5iqe.life

y0a5tf81.life

pmrzi1bx.life

7nx3ips8.life

5a0mrc70.life

5cai9tan.life

4bekj09u.life

2jrlu58d.life
dga_seed
Ķ�C#��+
domain_length
8
num_dga_domains
100
port
443

rc4.plain

Targets

- Target
  
  ps1.ps1
- Size
  
  71B
- MD5
  
  e6fb5ed0cbd3e324d774c7c8ff2c6caa
- SHA1
  
  fe7769b3632dec7700d4a81d44609095d0e56a98
- SHA256
  
  1e65ebca25cee22de96f313bf810a7f3324f3e811bbc1f0636aa9fdbc3801138
- SHA512
  
  f511c21615fd7ce18c5d1108d6c42f7e645ccb0db104721ec323a5e418eb8f7ef80c3a11c1d5e671269642f214daca6b720d64d54109d51549f7e0c42f2a827c
Score

10^/10

bumblebee dcc3 loader
- BumbleBee
  BumbleBee is a loader malware written in C++.
  loader bumblebee
- Blocklisted process makes network request
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2
- Target
  
  w_ver.dll
- Size
  
  2.3MB
- MD5
  
  e815078b81bda42fd1d8029f82f63f8c
- SHA1
  
  6ddae41b0861ff953d261dabd7d63b7ff1dce7e8
- SHA256
  
  c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a
- SHA512
  
  7330be3ff019303b49afb753b45fedf9b6794a4ea670faa2eeb477dc7168aeadad52e5499bca52eb2c23f8e9a5c021d7c2ddb1c44ce82fcd357cdd257b31f0fb
- SSDEEP
  
  24576:+7GSow1W1xmEJj65Ar478M30eNxFrSZJi8nDjXEHAzeozxlXZWXrXExoXOG8UdDP:+PKG7783j/2buc4
Score

10^/10

bumblebee dcc3 loader
- BumbleBee
  BumbleBee is a loader malware written in C++.
  loader bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

Resubmissions

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Suspicious use of NtCreateThreadExHideFromDebugger

BumbleBee

Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4