General

  • Target

    w_ver.dll.exe

  • Size

    2.3MB

  • Sample

    240208-1v24xada89

  • MD5

    e815078b81bda42fd1d8029f82f63f8c

  • SHA1

    6ddae41b0861ff953d261dabd7d63b7ff1dce7e8

  • SHA256

    c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a

  • SHA512

    7330be3ff019303b49afb753b45fedf9b6794a4ea670faa2eeb477dc7168aeadad52e5499bca52eb2c23f8e9a5c021d7c2ddb1c44ce82fcd357cdd257b31f0fb

  • SSDEEP

    24576:+7GSow1W1xmEJj65Ar478M30eNxFrSZJi8nDjXEHAzeozxlXZWXrXExoXOG8UdDP:+PKG7783j/2buc4

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

dcc3

Attributes
  • dga

  • dga_seed

    Ķ�C#��+

  • domain_length

    8

  • num_dga_domains

    100

  • port

    443

rc4.plain

Targets

    • Target

      w_ver.dll.exe

    Score
    10/10
    • BumbleBee

      BumbleBee is a loader malware written in C++.

    • Suspicious use of NtCreateThreadExHideFromDebugger
