bumblebee | JaffaCakes118_2d39b9749f4ddec3224be9e8b33940120d2c0cc9da4e158ce689370e6a8ce580 | Triage

Sharing

General

Target

JaffaCakes118_2d39b9749f4ddec3224be9e8b33940120d2c0cc9da4e158ce689370e6a8ce580
Size

2.3MB
MD5

5eebb316bbc71fc7528409aea9ec1753
SHA1

10c88a5ac12bd5041d839d61b12cafbfd5986a67
SHA256

2d39b9749f4ddec3224be9e8b33940120d2c0cc9da4e158ce689370e6a8ce580
SHA512

8b673493f73faed79fb0b13488ed1d0a54d715cebd4b7995e90b1bd6d6279c684b1c2e8bb1b83d9cdbcc3c8e7f8ab804bd366276d355ec5376dbc9fe843cece6
SSDEEP

49152:D7LVnxeXvsicNC7Nao9+4vMmuGxu1VQA0zZyciBEBqPGhVc:oZqNzYWVQJyc31hK

Score

10^/10

bumblebee

Malware Config

Signatures

Bumblebee family
bumblebee

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2d39b9749f4ddec3224be9e8b33940120d2c0cc9da4e158ce689370e6a8ce580

Files

JaffaCakes118_2d39b9749f4ddec3224be9e8b33940120d2c0cc9da4e158ce689370e6a8ce580
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 651KB - Virtual size: 650KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ