General

  • Target

    2072-2-0x00000000021E0000-0x00000000023F8000-memory.dmp

  • Size

    2.1MB

  • MD5

    eee42c1fdb845f980b713d2e7996ffe7

  • SHA1

    3e5a8647887d3151a3bdacc901af55bed5955066

  • SHA256

    00470146c8da1986ac3c1ee33fdae51a9999a4c23583d635060a979677447ec2

  • SHA512

    83d4ff489d1f1b3c78afa48ab1f6b044895f78fc3a3f4888872fc15e8dee4539ee0b8c40816ae39ba9530e923c206134b68d8ffb3788aa43569d2f67a824b618

  • SSDEEP

    49152:OeJr8efRUVaSxlj5+4mDrxKFzq9Zx/a/ClCkgs6z:OBsnSxJm5q/Co5

Score
10/10

Malware Config

Extracted

Family

bumblebee

Botnet

dcc3

Attributes
  • dga

  • dga_seed

    3.169630490570045e+18

  • domain_length

    8

  • num_dga_domains

    100

  • port

    443

rc4.plain

Signatures

  • Bumblebee family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2072-2-0x00000000021E0000-0x00000000023F8000-memory.dmp
    .dll windows:6 windows x64 arch:x64

