bumblebee | 7a33dd7271575d93a84138ff4d6ebe4eb068ee83555cade505eb6c84d4a5f302

Resubmissions

08-02-2024 21:52

240208-1q8e5ada57 10

Analysis

max time kernel
146s
max time network
152s
platform
windows7_x64
resource
win7-20231215-en
submitted
08-02-2024 21:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

w_ver.dll

Score

10^/10

bumblebee dcc3 loader

Malware Config

Extracted

Family

bumblebee

Botnet

dcc3

Attributes

dga
kxk0fp99.life

9b7t2l0q.life

hyivgigf.life

ge0gmguu.life

c0g886v7.life

z5gt6avq.life

bhqjgnyg.life

vtq4vrd1.life

wmds946t.life

lawsc41o.life

8zxvhrw3.life

6t152qng.life

8jenv5cj.life

nnc9xesb.life

vevijml2.life

qblg0klz.life

3botypuk.life

quw31ted.life

n9t609lu.life

mtu5eery.life

guycev3v.life

klcmu5e3.life

hm2psb94.life

wiof5kps.life

ink7i9yf.life

rj3h9lji.life

n0ohhx48.life

d5lspsc8.life

wuxe83rt.life

rka4u64f.life

7ue3qloo.life

wv7n0k5b.life

zutr3leo.life

9bydjn76.life

93628xvf.life

jh1px0y2.life

3hlr4b32.life

lq4rvf7h.life

qulj3o2b.life

o1kmnuax.life

dtacg44e.life

lq6oee8d.life

652t37sd.life

8e2fs333.life

hlbflus2.life

389wsdwk.life

k9asv5kf.life

0ny3328d.life

tkpnkize.life

rrfklwtt.life

gpw38bkj.life

v9nvi0qk.life

kxxxz02p.life

eiwkrw3v.life

tli6v0bb.life

vkm1k94n.life

56xom9cr.life

qdqw1w5c.life

ms6qhpe2.life

i8yegp0g.life

y5eqdqo8.life

mw0au96x.life

e12p0p07.life

c4e9t8ri.life

9i4h14pn.life

lnze846x.life

0ad1qrc1.life

qz7waafq.life

y6rqgp73.life

9xuj8nh1.life

1kq5u5oh.life

vpvmrmin.life

da3qmuiz.life

tztttnt4.life

k6ptpfxk.life

ouhz98km.life

ym1mmve7.life

az3hs01z.life

gb3kmt70.life

cu945ae2.life

enxlrvsp.life

puh4ptfq.life

xawrjuc7.life

6tcl7gdl.life

inwyinkt.life

si0wpv63.life

dkzmobfb.life

augbit10.life

w97o36m1.life

y833kir4.life

y2stju2y.life

agjsuxbi.life

5xrn6i3n.life

d64ijd3x.life

hkk0meg1.life

klclsjxl.life

jbq2lc4m.life

q905hr35.life

n7iemk16.life

2bdgvvjm.life
dga_seed
3169630490570045124
domain_length
8
num_dga_domains
100
port
443

rc4.plain

Signatures

BumbleBee
BumbleBee is a loader malware written in C++.
loader bumblebee
Bumblebee family
bumblebee

Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs

pid	Process
2436	regsvr32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\w_ver.dll
1⤵
- Suspicious use of NtCreateThreadExHideFromDebugger
PID:2436

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2436-0-0x0000000001E00000-0x0000000001EE7000-memory.dmp

Filesize
924KB

Download
memory/2436-1-0x00000000771A0000-0x0000000077349000-memory.dmp

Filesize
1.7MB

Download
memory/2436-3-0x00000000771A0000-0x0000000077349000-memory.dmp

Filesize
1.7MB

Download
memory/2436-2-0x0000000002190000-0x00000000023A8000-memory.dmp

Filesize
2.1MB

Download
memory/2436-6-0x0000000002190000-0x00000000023A8000-memory.dmp

Filesize
2.1MB

Download
memory/2436-5-0x00000000771A0000-0x0000000077349000-memory.dmp

Filesize
1.7MB

Download
memory/2436-7-0x0000000002190000-0x00000000023A8000-memory.dmp

Filesize
2.1MB

Download
memory/2436-8-0x0000000001E00000-0x0000000001EE7000-memory.dmp

Filesize
924KB

Download
memory/2436-9-0x00000000771A0000-0x0000000077349000-memory.dmp

Filesize
1.7MB

Download
memory/2436-10-0x00000000771A0000-0x0000000077349000-memory.dmp

Filesize
1.7MB

Download
memory/2436-11-0x00000000771A0000-0x0000000077349000-memory.dmp

Filesize
1.7MB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads