bumblebee | e94af43589322bc0b1ff6302f31833283bdf48896f2a5070d0ab742772f4204b | Triage

Sharing

General

Target

e94af43589322bc0b1ff6302f31833283bdf48896f2a5070d0ab742772f4204b
Size

2.1MB
MD5

1ed3dedc0602c9827cafbf912435afd9
SHA1

1a4f9ea2af1e1d84d9f1b84edfd227f76358cfa6
SHA256

e94af43589322bc0b1ff6302f31833283bdf48896f2a5070d0ab742772f4204b
SHA512

1d26b3ee9fbfefec3e4413587db404a9e36ceeb83dac6446a8f747c9a9bb574d51aab862190ec0ed4ad2f16881eef58a8b4640d11dff627a057811fe5c44036f
SSDEEP

49152:bGgJ3vE7rwsY5+a+h1cHkUnl/u9Zx/PgxeAaE3PgTnvrG:NavI5+qHxsgxeAXorG

Score

10^/10

bumblebee

Malware Config

Extracted

Family

bumblebee

Attributes

dga
.life
dga_seed
-4997223343843241730

Signatures

Bumblebee family
bumblebee

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e94af43589322bc0b1ff6302f31833283bdf48896f2a5070d0ab742772f4204b

Files

e94af43589322bc0b1ff6302f31833283bdf48896f2a5070d0ab742772f4204b
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ