bumblebee | 7a33dd7271575d93a84138ff4d6ebe4eb068ee83555cade505eb6c84d4a5f302 | Triage

Resubmissions

08-02-2024 21:52

240208-1q8e5ada57 10

Sharing

General

Target

ejPdcnFXXZOoQTj-TW6_TrBo7oNVXK3lBetshNSl8wI.bin
Size

1.2MB
Sample

240208-1q8e5ada57
MD5

94a0d511f19ea13989a75e87cc97039d
SHA1

d3ebd6b61527cdb789fe25526313097d3bc8aa14
SHA256

7a33dd7271575d93a84138ff4d6ebe4eb068ee83555cade505eb6c84d4a5f302
SHA512

4a39b441ed9218b4c0f52952d0a4a835a5040fa7d04f8aa69af76eb3a875fc8f1d05adc6209a2a0b60d8d181c930f5948e45068bc5eaf4a5448e1858a4585591
SSDEEP

24576:ts2AGIbr4GoUOlzscb1GsMag8Smx1ZyLko0CI5ypSNfMnITj6GmwRmshM/9YOm+q:qpn4GoUkgcbRMJBpL90CI5ysNfMI5mK5

Score

10^/10

bumblebee dcc3 execution loader

Malware Config

Extracted

Family

bumblebee

Botnet

dcc3

Attributes

dga
kxk0fp99.life

9b7t2l0q.life

hyivgigf.life

ge0gmguu.life

c0g886v7.life

z5gt6avq.life

bhqjgnyg.life

vtq4vrd1.life

wmds946t.life

lawsc41o.life

8zxvhrw3.life

6t152qng.life

8jenv5cj.life

nnc9xesb.life

vevijml2.life

qblg0klz.life

3botypuk.life

quw31ted.life

n9t609lu.life

mtu5eery.life

guycev3v.life

klcmu5e3.life

hm2psb94.life

wiof5kps.life

ink7i9yf.life

rj3h9lji.life

n0ohhx48.life

d5lspsc8.life

wuxe83rt.life

rka4u64f.life

7ue3qloo.life

wv7n0k5b.life

zutr3leo.life

9bydjn76.life

93628xvf.life

jh1px0y2.life

3hlr4b32.life

lq4rvf7h.life

qulj3o2b.life

o1kmnuax.life

dtacg44e.life

lq6oee8d.life

652t37sd.life

8e2fs333.life

hlbflus2.life

389wsdwk.life

k9asv5kf.life

0ny3328d.life

tkpnkize.life

rrfklwtt.life

gpw38bkj.life

v9nvi0qk.life

kxxxz02p.life

eiwkrw3v.life

tli6v0bb.life

vkm1k94n.life

56xom9cr.life

qdqw1w5c.life

ms6qhpe2.life

i8yegp0g.life

y5eqdqo8.life

mw0au96x.life

e12p0p07.life

c4e9t8ri.life

9i4h14pn.life

lnze846x.life

0ad1qrc1.life

qz7waafq.life

y6rqgp73.life

9xuj8nh1.life

1kq5u5oh.life

vpvmrmin.life

da3qmuiz.life

tztttnt4.life

k6ptpfxk.life

ouhz98km.life

ym1mmve7.life

az3hs01z.life

gb3kmt70.life

cu945ae2.life

enxlrvsp.life

puh4ptfq.life

xawrjuc7.life

6tcl7gdl.life

inwyinkt.life

si0wpv63.life

dkzmobfb.life

augbit10.life

w97o36m1.life

y833kir4.life

y2stju2y.life

agjsuxbi.life

5xrn6i3n.life

d64ijd3x.life

hkk0meg1.life

klclsjxl.life

jbq2lc4m.life

q905hr35.life

n7iemk16.life

2bdgvvjm.life
dga_seed
3169630490570045124
domain_length
8
num_dga_domains
100
port
443

rc4.plain

Targets

- Target
  
  ps1.ps1
- Size
  
  71B
- MD5
  
  e6fb5ed0cbd3e324d774c7c8ff2c6caa
- SHA1
  
  fe7769b3632dec7700d4a81d44609095d0e56a98
- SHA256
  
  1e65ebca25cee22de96f313bf810a7f3324f3e811bbc1f0636aa9fdbc3801138
- SHA512
  
  f511c21615fd7ce18c5d1108d6c42f7e645ccb0db104721ec323a5e418eb8f7ef80c3a11c1d5e671269642f214daca6b720d64d54109d51549f7e0c42f2a827c
Score

10^/10

bumblebee dcc3 execution loader
- BumbleBee
  BumbleBee is a loader malware written in C++.
  loader bumblebee
- Bumblebee family
  bumblebee
- Blocklisted process makes network request
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2
- Target
  
  w_ver.dll
- Size
  
  2.3MB
- MD5
  
  e815078b81bda42fd1d8029f82f63f8c
- SHA1
  
  6ddae41b0861ff953d261dabd7d63b7ff1dce7e8
- SHA256
  
  c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a
- SHA512
  
  7330be3ff019303b49afb753b45fedf9b6794a4ea670faa2eeb477dc7168aeadad52e5499bca52eb2c23f8e9a5c021d7c2ddb1c44ce82fcd357cdd257b31f0fb
- SSDEEP
  
  24576:+7GSow1W1xmEJj65Ar478M30eNxFrSZJi8nDjXEHAzeozxlXZWXrXExoXOG8UdDP:+PKG7783j/2buc4
Score

10^/10

bumblebee dcc3 loader
- BumbleBee
  BumbleBee is a loader malware written in C++.
  loader bumblebee
- Bumblebee family
  bumblebee
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bumblebeedcc3executionloader

behavioral2

bumblebeedcc3executionloader

behavioral3

bumblebeedcc3loader

behavioral4

bumblebeedcc3loader