bumblebee | 2052-1-0x0000000000510000-0x0000000000671000-memory[.]dmp

General

Target

2052-1-0x0000000000510000-0x0000000000671000-memory.dmp
Size

1.4MB
MD5

ae2ae27005a773d26389a8ab5fd4ed68
SHA1

a346c6150fce6763be52f2a215f7555ec700ee49
SHA256

e27b482c5daa9bc8bf9bfde01c16884890654c7fa60f9534d21b423364106920
SHA512

5b6c58be13847ca0038cd5b7653da04ce1b744d9da543c9424462684e40068b787d04a119c13b39447df6b517676771b787ea228737473c32e7b0935ae7bae80
SSDEEP

24576:LO2dVaRrhSk8Bhwm2z8f6ZzoIo9Zx/f9FwwxlXwUooYGbi:wrEk8wm2Yf6Zdo9Zx/nrxRGo7+

Score

10^/10

inst bumblebee

Malware Config

Extracted

Family

bumblebee

Botnet

inst

C2

194.15.216.247:443

23.106.215.141:443

104.168.244.96:443

51.83.255.85:443

192.119.81.86:443

rc4.plain

Signatures

Bumblebee family
bumblebee

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2052-1-0x0000000000510000-0x0000000000671000-memory.dmp

Files

2052-1-0x0000000000510000-0x0000000000671000-memory.dmp
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 879KB - Virtual size: 878KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 879KB - Virtual size: 878KB

.rdata Size: 344KB - Virtual size: 343KB

.data Size: 83KB - Virtual size: 111KB

.pdata Size: 46KB - Virtual size: 46KB

.gfids Size: 4KB - Virtual size: 4KB

.tls Size: 5KB - Virtual size: 5KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 879KB - Virtual size: 878KB

.rdata
Size: 344KB - Virtual size: 343KB

.data
Size: 83KB - Virtual size: 111KB

.pdata
Size: 46KB - Virtual size: 46KB

.gfids
Size: 4KB - Virtual size: 4KB

.tls
Size: 5KB - Virtual size: 5KB

.reloc
Size: 7KB - Virtual size: 7KB