Overview

overview

10

Static

static

3

c34e5d36bd...9a.dll

windows7-x64

10

Resubmissions

23-02-2024 10:07

240223-l5tg7aee8t 10

16-02-2024 15:46

240216-s7wtnadd27 10

Analysis

  • max time kernel
    59s
  • max time network
    63s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23-02-2024 10:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a.dll

  • Size

    2.3MB

  • MD5

    e815078b81bda42fd1d8029f82f63f8c

  • SHA1

    6ddae41b0861ff953d261dabd7d63b7ff1dce7e8

  • SHA256

    c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a

  • SHA512

    7330be3ff019303b49afb753b45fedf9b6794a4ea670faa2eeb477dc7168aeadad52e5499bca52eb2c23f8e9a5c021d7c2ddb1c44ce82fcd357cdd257b31f0fb

  • SSDEEP

    24576:+7GSow1W1xmEJj65Ar478M30eNxFrSZJi8nDjXEHAzeozxlXZWXrXExoXOG8UdDP:+PKG7783j/2buc4

Score
10/10
bumblebeedcc3loader

Malware Config

Extracted

Family

bumblebee

Botnet

dcc3

rc4.plain

Signatures

  • BumbleBee

    BumbleBee is a loader malware written in C++.

    loaderbumblebee
  • Suspicious use of NtCreateThreadExHideFromDebugger 1 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\c34e5d36bd3a9a6fca92e900ab015aa50bb20d2cd6c0b6e03d070efe09ee689a.dll
    1⤵
    • Suspicious use of NtCreateThreadExHideFromDebugger
    PID:2732

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2732-0-0x0000000001E80000-0x0000000001F67000-memory.dmp

    Filesize

    924KB

    Download

  • memory/2732-1-0x0000000002190000-0x00000000023A8000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/2732-2-0x0000000077B20000-0x0000000077CC9000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2732-5-0x0000000002190000-0x00000000023A8000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/2732-4-0x0000000077B20000-0x0000000077CC9000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2732-6-0x0000000002190000-0x00000000023A8000-memory.dmp

    Filesize

    2.1MB

    Download

  • memory/2732-7-0x0000000001E80000-0x0000000001F67000-memory.dmp

    Filesize

    924KB

    Download

  • memory/2732-8-0x0000000077B20000-0x0000000077CC9000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2732-9-0x0000000077B20000-0x0000000077CC9000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2732-10-0x0000000077B20000-0x0000000077CC9000-memory.dmp

    Filesize

    1.7MB

    Download