bumblebee

General

Target

fd426609da2774cf55923cb4d2320feef0f2bce24ae7abff0a015c7d7b0042e6
Size

1.1MB
Sample

240314-ba5xmagh96
MD5

0448b3e869ee9c95befe7b0c69f79401
SHA1

0a546f7c1c2328e82e2f77b0fdb076ef43ba0bbe
SHA256

fd426609da2774cf55923cb4d2320feef0f2bce24ae7abff0a015c7d7b0042e6
SHA512

1e045ea70e278505188c81a8e6d82a94b640687cc8dd8c461d8136386ad0f943bbc1fb9a8c07e5fb1c822d33893fdd131501a60d566f0a6e428bf0cccdfaec2f
SSDEEP

12288:yh/mUxV9yUJLB9hbJGk01nVJT24GUhKnsHwuDVPVIzI2mxFfokvqRLKAV55PH:yh/nBB9hSZGAwysoxFfooqRLb55P

Score

10^/10

Malware Config

Extracted

Family

bumblebee

Botnet

js1

Attributes

dga
v5b6ml4o0nq.life

d4mdwvwm8c8.life

6uwsby1vmyj.life

mp0zt8ctj70.life

tkqeai6tead.life

2xek4jch3xf.life

ugwfyzhao98.life

auq2lckl2e0.life

1odrw6y2sad.life

hk5ekbl02o8.life

knqbckw92x9.life

nnjg4uf5vij.life

nk4xgtjnvs9.life

7xbapl162fg.life

8djp3zmzbif.life

nojzch0pgfo.life

b9dsvlk8f23.life

v3jmvczsden.life

8vpndr56eb1.life

5gbcnik1ba0.life

k6r11hdxxm2.life

wc87pfwqvbx.life

3b73akpd5ip.life

5o5f0or1704.life

ve0tcgv0oks.life

tsd7d3pynml.life

kfjgd8tquo8.life

ff7xb5l0zl5.life

27qrg2npbhu.life

fvawc0jtdkp.life

r5y7fqonya3.life

h9xx3c9il3j.life

j59t9n7hwkm.life

y5cfe6fd3l0.life

ued006o9h01.life

84q99ojz486.life

ip8tqezj7sp.life

y9i4ggczg4e.life

th6qcdkwsnr.life

3xzwth5vntd.life

62gp702iaqu.life

8a3b03ta8rk.life

0tia8g2yvvo.life

su0r8brxdhr.life

mokbztieb27.life

rhxlfskpohc.life

kb7yse43wqy.life

2c0eufveflh.life

619c8rypv20.life

i62qt3jb6zg.life

jfcrw26vapn.life

w8njdj0attm.life

s6vxyh1rklr.life

eky3lk2xil7.life

5nd1oo31eib.life

93bu7npzbv9.life

1whoxcdymhh.life

1xc2t7knxf1.life

84lv2sczasy.life

y6qbgmgfi6m.life

rib8fo3a0e7.life

3rk610zv895.life

8uds1vn7tbd.life

fu7xdccni45.life

dfipyxrnbtc.life

hdgt9j1i8de.life

ysjlq5njlj0.life

l2gxkix6xvr.life

rff8m0h038m.life

odno88uwkuj.life

4e6b5z4l2wd.life

5vpw0f8capy.life

ojwsv8d4wf5.life

eswtlyhooo9.life

yvhvp5ctxtt.life

xdg4p0mcsgd.life

uoi7m690jyc.life

tepg88xv934.life

skfvrgarsyg.life

fdlbpjwv98r.life

vzg4oh5v2kg.life

lx1jum82n75.life

hffl7o7dhb3.life

gcod08x85o9.life

2xbr53fjxlg.life

ld44s7ji3qm.life

y4f82edr2ao.life

xrs1tzzp471.life

80a59gx821r.life

pzzcs6hez6q.life

w7eeb80zx7n.life

jdjme813v37.life

egqguct7n8n.life

uhfs0f1t6i7.life

6leaj1p164t.life

bxmizfnywgz.life

vopc320hvye.life

fxcg75yxz5z.life

e0rhjl9so13.life

4fl2jd837q5.life
dga_seed
OKFsgukk
domain_length
11
num_dga_domains
100
port
443

rc4.plain

Targets

- Target
  
  fd426609da2774cf55923cb4d2320feef0f2bce24ae7abff0a015c7d7b0042e6
- Size
  
  1.1MB
- MD5
  
  0448b3e869ee9c95befe7b0c69f79401
- SHA1
  
  0a546f7c1c2328e82e2f77b0fdb076ef43ba0bbe
- SHA256
  
  fd426609da2774cf55923cb4d2320feef0f2bce24ae7abff0a015c7d7b0042e6
- SHA512
  
  1e045ea70e278505188c81a8e6d82a94b640687cc8dd8c461d8136386ad0f943bbc1fb9a8c07e5fb1c822d33893fdd131501a60d566f0a6e428bf0cccdfaec2f
- SSDEEP
  
  12288:yh/mUxV9yUJLB9hbJGk01nVJT24GUhKnsHwuDVPVIzI2mxFfokvqRLKAV55PH:yh/nBB9hSZGAwysoxFfooqRLb55P
Score

10^/10

bumblebee js1 loader
- BumbleBee
  BumbleBee is a loader malware written in C++.
  loader bumblebee
- Detects executables referencing combination of virtualization drivers
- Detects executables referencing virtualization MAC addresses
- Suspicious use of NtCreateThreadExHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detects executables referencing combination of virtualization drivers

Detects executables referencing virtualization MAC addresses

Suspicious use of NtCreateThreadExHideFromDebugger

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2