2022-05-03_Bumblebee
Bumblebee Malware Loader
REFERENCES:
https://twitter.com/0xtornado/status/1521272644087205890
https://blog.google/threat-analysis-group/exposing-initial-access-broker-ties-conti/amp/
https://www.cynet.com/orion-threat-alert-flight-of-the-bumblebee/
https://www.proofpoint.com/us/blog/threat-insight/bumblebee-is-still-transforming
https://elis531989.medium.com/the-chronicles-of-bumblebee-the-hook-the-bee-and-the-trickbot-connection-686379311056
https://research.nccgroup.com/2022/04/29/adventures-in-the-land-of-bumblebee-a-new-malicious-loader/
https://whimsical.com/al-khaser-PnzgrSaQxpfbXPY6bLPbxq
SAMPLES:
https://bazaar.abuse.ch/browse.php?search=tag%3A+bumblebee
ACTIVE C2 (443/TCP):