General

  • Target

    201c4d0070552d9dc06b76ee55479fc0a9dfacb6dbec6bbec5265e04644eebc9

  • Size

    2.2MB

  • MD5

    e114951c5607c67a80be82c980bd720e

  • SHA1

    7b5a1cddc001844ef446d980813f0653659f850d

  • SHA256

    201c4d0070552d9dc06b76ee55479fc0a9dfacb6dbec6bbec5265e04644eebc9

  • SHA512

    cf7727f3cdb900d94a447610d5cc385f5c68d3b7700a778bb53bf8d2c8084c14a602c85578cc9895cb26bed7ce5befda18f1262c0feab2ccbd33b272fac5f87d

  • SSDEEP

    49152:EaLMh74dfw5MKWe6yXdVgfRY8igxZPqPGETlsE:OsfWltGf5Lxd1ESE

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

VPS2G

C2

23.81.246.187:443

Signatures

  • Bumblebee family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 201c4d0070552d9dc06b76ee55479fc0a9dfacb6dbec6bbec5265e04644eebc9
    .iso
  • out.iso
    .iso
  • documents.lnk
    .lnk
  • sysmon64.exe
    .exe windows:6 windows x64 arch:x64

    e540de65c610ff7d74677289a61a259e

