Analysis Overview
SHA256
44fc749f1e8069f218d721eb1adbc5958fd6cdb7a535f899cf6726d19dd40d7b
Threat Level: Known bad
The file 31b9b21a2d6867856f8d91068eceb706.exe was found to be: Known bad.
Malicious Activity Summary
BumbleBee
Bumblebee family
Unsigned PE
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-11-09 02:31
Signatures
Unsigned PE
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Analysis: behavioral1
Detonation Overview
Submitted
2024-11-09 02:31
Reported
2024-11-09 02:32
Platform
win11-20241007-en
Max time kernel
26s
Max time network
28s
Command Line
Signatures
BumbleBee
Bumblebee family
Processes
C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\31b9b21a2d6867856f8d91068eceb706.dll
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | tvx1ovdepj8.life | udp |
| DE | 188.40.187.138:443 | 8x2apo5m7ri.life | tcp |
Files