Overview

overview

10

Static

static

1

JaffaCakes...da.exe

windows7-x64

10

JaffaCakes...da.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_86cc9451105653da36ae8beaa4c3872ab997632637ac0e1ff6d7513fb86764da

  • Size

    709.9MB

  • Sample

    241223-snqtassre1

  • MD5

    0150b647aef4ee48f2b12c811ba882f2

  • SHA1

    bf334f886c0c0c23dc878e95bdca3984ba9c39a0

  • SHA256

    86cc9451105653da36ae8beaa4c3872ab997632637ac0e1ff6d7513fb86764da

  • SHA512

    9740ef9429fc07e8b0559d3d4755a8bb60df21aa1de1f7af93f58e8d3eb8f061f6fd48adec98d2abbef247bacc3add3a4a76f9cde31a8d641983fabd7c782d62

  • SSDEEP

    24576:tuEYpL6eGotXnc1lus5nY+7B+FfJoiXygld/gr1:tu1L6Rkn2ws5nRNoygKJ

Score
10/10
bumblebee17macaloader

Malware Config

Extracted

Family

bumblebee

Botnet

17maca

C2

108.62.141.20:443

23.108.57.201:443

108.62.118.170:443
rc4.plain

Targets

    • Target

      JaffaCakes118_86cc9451105653da36ae8beaa4c3872ab997632637ac0e1ff6d7513fb86764da

    • Size

      709.9MB

    • MD5

      0150b647aef4ee48f2b12c811ba882f2

    • SHA1

      bf334f886c0c0c23dc878e95bdca3984ba9c39a0

    • SHA256

      86cc9451105653da36ae8beaa4c3872ab997632637ac0e1ff6d7513fb86764da

    • SHA512

      9740ef9429fc07e8b0559d3d4755a8bb60df21aa1de1f7af93f58e8d3eb8f061f6fd48adec98d2abbef247bacc3add3a4a76f9cde31a8d641983fabd7c782d62

    • SSDEEP

      24576:tuEYpL6eGotXnc1lus5nY+7B+FfJoiXygld/gr1:tu1L6Rkn2ws5nRNoygKJ

    Score
    10/10
    bumblebee17macaloader

    • BumbleBee

      BumbleBee is a loader malware written in C++.

      loaderbumblebee

    • Bumblebee family

      bumblebee

    • Suspicious use of NtCreateThreadExHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks