bumblebee | 1fd5326034792c0f0fb00be77629a10ac9162b2f473f96072397a5d639da45dd | Triage

Sharing

General

Target

1fd5326034792c0f0fb00be77629a10ac9162b2f473f96072397a5d639da45dd
Size

1009KB
Sample

240410-lyl5jabd84
MD5

ed902c1796eec0c511682075b8fe63c5
SHA1

e9f1aa4fdd749854aead68a9566d1b960f4efc90
SHA256

1fd5326034792c0f0fb00be77629a10ac9162b2f473f96072397a5d639da45dd
SHA512

fa48f27f5c80eac75b29b71b94f1b1767186910239c6afb868bc82de5e8f032e552d5eed251b04a0d4512a3234feda810a1060d7d61972350fd0bbdab8bbd7f4
SSDEEP

24576:DEGtDN22ifihJad2/hqk0RsUCbBYTIuw5P4:DE4D429hJe28kJUCzA

Score

10^/10

bumblebee vps2g

Malware Config

Extracted

Family

bumblebee

Botnet

VPS2G

C2

23.81.246.187:443

Targets

- Target
  
  documents.lnk
- Size
  
  1KB
- MD5
  
  813dd41c91bb43332482ad5c0857a8d7
- SHA1
  
  5dfa29b64941d86e05be9d99b881dec1fb8338f4
- SHA256
  
  b953d0b1efb9719f79954788480235b8eccb84b13c5d373969fa3a03aabef788
- SHA512
  
  72536d2787db0cef94aab6088865b5ddaf351330306ba860179a7dbe7a70ca9d6e9d8e88821e4078cbe9ad3e736c758f26758cf7e8a9df7dc12d76df6b124058
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  sysmon64.exe
- Size
  
  2.1MB
- MD5
  
  0e0ab8f346dcf205639397928f854cae
- SHA1
  
  5d560a6e5d35bbe151d4ec8ce329f295443acce7
- SHA256
  
  9f35ac95864daf736de1471babe756a11fedd297379892375689fd97c9322344
- SHA512
  
  fc232e7e7d63aa8f018223cd92e8a980360b32afe82fecabac921fdbf7b1260893e32a28cd090ae8d17e562c8a08756a9e839e2666c18fb16a1f0812fb3d0a84
- SSDEEP
  
  49152:NiCsh74TQUm5D0/pwphZ+byFW1igxwlqPGOg14:K2xlALay+LxO1O5
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4