bumblebee | 7a33dd7271575d93a84138ff4d6ebe4eb068ee83555cade505eb6c84d4a5f302

Resubmissions

08-02-2024 21:52

240208-1q8e5ada57 10

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
08-02-2024 21:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

w_ver.dll
Size

2.3MB
MD5

e815078b81bda42fd1d8029f82f63f8c
SHA1

6ddae41b0861ff953d261dabd7d63b7ff1dce7e8
SHA256

c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a
SHA512

7330be3ff019303b49afb753b45fedf9b6794a4ea670faa2eeb477dc7168aeadad52e5499bca52eb2c23f8e9a5c021d7c2ddb1c44ce82fcd357cdd257b31f0fb
SSDEEP

24576:+7GSow1W1xmEJj65Ar478M30eNxFrSZJi8nDjXEHAzeozxlXZWXrXExoXOG8UdDP:+PKG7783j/2buc4

Score

10^/10

bumblebee dcc3 loader

Malware Config

Extracted

Family

bumblebee

Botnet

dcc3

Attributes

dga
vg7uaic3.life

9rzeyw6d.life

gaiuzmjh.life

fjtwh7ez.life

b7v0h14g.life

25utqefr.life

racgyvid.life

hocj7ez7.life

0yznun55.life

fcl2tw80.life

g4ggjukx.life

u3zvhegy.life

n6s0rru2.life

myskwtvz.life

es4xrlbf.life

rm0vgyz1.life

mkt3shgr.life

uj1lqdzb.life

wdxn08y6.life

xwcetuq6.life

7v3pqzur.life

z4u0pw7m.life

akzuglxg.life

0hb72lv4.life

qo725zwl.life

h5hyssny.life

dwdgv8ey.life

r1vp426o.life

s68s3bdd.life

r4x6iy6x.life

accq42df.life

z15hvoz2.life

idqrdhpg.life

sx3i8jmk.life

g7on0c47.life

d0paetq1.life

jtyk5gdq.life

wiw2pzow.life

f94vimcc.life

ztlkhvae.life

2m420uuq.life

18nf94hr.life

mc255438.life

4qrr6ij0.life

ql5hk4dj.life

b0wknuvv.life

c8o1xb3q.life

x1268u29.life

22km13qy.life

fjtg4l8d.life

12jawwzi.life

bnevdx61.life

fmeojv6b.life

frm6u0r1.life

acuaw2q0.life

i8kyugpr.life

zo2epezl.life

y7px5b06.life

x3h1ahco.life

y3v1d1vu.life

tmzcoebw.life

t5me2n7i.life

u45wcqn7.life

thde5hd5.life

56snpngr.life

orc3zq3c.life

ecdb0x3j.life

1330r5tl.life

ymxcwnjs.life

4eo14u97.life

dza0z859.life

gvwgb5nw.life

0be6z82a.life

qz0pzkv1.life

ig4xohtj.life

rtnzmwv0.life

x9e2x6a2.life

wvxatase.life

5zime47c.life

o0r9qsit.life

x2h84q1y.life

5s9j4ij0.life

rqmbst2l.life

widcqm70.life

kkrmo7k8.life

lni114wn.life

w9inw8u1.life

qpxq51gq.life

2r5pct64.life

2x5sidtj.life

61oankru.life

n1iq0gkh.life

g27j5iqe.life

y0a5tf81.life

pmrzi1bx.life

7nx3ips8.life

5a0mrc70.life

5cai9tan.life

4bekj09u.life

2jrlu58d.life
dga_seed
Ķ�C#��+
domain_length
8
num_dga_domains
100
port
443

rc4.plain

Signatures

BumbleBee
BumbleBee is a loader malware written in C++.
loader bumblebee
Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs

Processes:

regsvr32.exe

pid process

3136 regsvr32.exe

pid	process
3136	regsvr32.exe

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\w_ver.dll
1⤵
- Suspicious use of NtCreateThreadExHideFromDebugger
PID:3136

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3136-0-0x0000000002C10000-0x0000000002CF7000-memory.dmp

Filesize
924KB

Download
memory/3136-1-0x0000000002F20000-0x0000000003138000-memory.dmp

Filesize
2.1MB

Download
memory/3136-3-0x00007FF84BB30000-0x00007FF84BD25000-memory.dmp

Filesize
2.0MB

Download
memory/3136-4-0x0000000002F20000-0x0000000003138000-memory.dmp

Filesize
2.1MB

Download
memory/3136-2-0x0000000002F20000-0x0000000003138000-memory.dmp

Filesize
2.1MB

Download
memory/3136-5-0x0000000002F20000-0x0000000003138000-memory.dmp

Filesize
2.1MB

Download
memory/3136-6-0x0000000002C10000-0x0000000002CF7000-memory.dmp

Filesize
924KB

Download
memory/3136-7-0x00007FF84BB30000-0x00007FF84BD25000-memory.dmp

Filesize
2.0MB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Extracted

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads