Bumblebee Loader is a replacement for BazarLoader, the loader previously used by the Conti group to deliver ransomware. The Bumblebee infection starts with a spam email containing a link that downloads an ISO file. The ISO contains two files: a shortcut named New Folder.LNK and a DLL named arch.dll. The New Folder.LNK shortcut holds the command line needed to run arch.dll.

arch.dll is the Bumblebee Loader. Once it is on the victim machine it can inject shellcode and DLLs into the memory of a running process, download additional executables and maintain persistence. Bumblebee is a sophisticated loader that employs extensive evasion and anti-analysis tricks, including complex anti-virtualization techniques, to make its activity stealthier and harder to detect.
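The LNK-to-DLL hand-off described above is the first thing to confirm when triaging one of these ISOs, before anything is executed. The Python below is an added example (not code from the original page and not the loader's own code): it parses the StringData section of a Shell Link (.lnk) file as laid out in MS-SHLLINK, pulls out the relative path, working directory and command-line arguments, and flags shortcuts that hand a DLL to a living-off-the-land binary such as rundll32 or regsvr32. The shortcut it builds with build_lnk is constructed test input; the rundll32 target and the "arch.dll,EntryPoint" argument are placeholders, not values recovered from the sample's LNK. To use it on a real sample, extract New Folder.LNK from the ISO first (7-Zip can list and extract ISO contents) and pass the file bytes to parse_lnk.

```python
import struct

# LinkFlags bits, MS-SHLLINK section 2.1.1
HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

HEADER_SIZE = 0x4C
# CLSID 00021401-0000-0000-C000-000000000046 in on-disk (little-endian GUID) byte order
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")

# Binaries that commonly get a DLL or script handed to them by lure shortcuts
LOLBINS = ("rundll32", "regsvr32", "mshta", "wscript", "cscript", "powershell", "cmd.exe")


def build_lnk(relative_path, arguments, working_dir=None):
    """Build a minimal Unicode .lnk carrying only StringData fields.
    Constructed test input for this example, not a real sample."""
    flags = IS_UNICODE | HAS_RELATIVE_PATH | HAS_ARGUMENTS
    if working_dir is not None:
        flags |= HAS_WORKING_DIR
    header = struct.pack("<I", HEADER_SIZE) + LNK_CLSID + struct.pack("<I", flags)
    header += struct.pack("<I", 0)            # FileAttributes
    header += b"\x00" * 24                    # CreationTime, AccessTime, WriteTime
    # FileSize, IconIndex, ShowCommand (1 = SW_SHOWNORMAL), HotKey, Reserved1..3
    header += struct.pack("<IIIHHII", 0, 0, 1, 0, 0, 0, 0)
    assert len(header) == HEADER_SIZE

    def string_data(s):  # CountCharacters (uint16) + UTF-16LE chars, no terminator
        return struct.pack("<H", len(s)) + s.encode("utf-16-le")

    # StringData order is fixed: NAME, RELATIVE_PATH, WORKING_DIR, ARGUMENTS, ICON_LOCATION
    body = string_data(relative_path)
    if working_dir is not None:
        body += string_data(working_dir)
    body += string_data(arguments)
    return header + body


def parse_lnk(data):
    """Return the StringData fields of a .lnk as a dict (keys only for fields present)."""
    if len(data) < HEADER_SIZE or struct.unpack_from("<I", data, 0)[0] != HEADER_SIZE \
            or data[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = HEADER_SIZE
    if flags & HAS_LINK_TARGET_ID_LIST:       # IDListSize (uint16) + IDList bytes; skipped, not parsed
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:                 # LinkInfoSize (uint32) counts itself; skipped, not parsed
        pos += struct.unpack_from("<I", data, pos)[0]
    unicode = bool(flags & IS_UNICODE)

    def read_string():
        nonlocal pos
        count = struct.unpack_from("<H", data, pos)[0]
        pos += 2
        nbytes = count * 2 if unicode else count
        raw = data[pos:pos + nbytes]
        pos += nbytes
        return raw.decode("utf-16-le") if unicode else raw.decode("cp1252", errors="replace")

    fields = {}
    for flag, key in ((HAS_NAME, "name"), (HAS_RELATIVE_PATH, "relative_path"),
                      (HAS_WORKING_DIR, "working_dir"), (HAS_ARGUMENTS, "arguments"),
                      (HAS_ICON_LOCATION, "icon_location")):
        if flags & flag:
            fields[key] = read_string()
    return fields


def triage(fields):
    """Return the reasons a parsed shortcut looks like a DLL-launching lure (empty if none)."""
    cmdline = " ".join(fields.get(k, "") for k in ("relative_path", "working_dir", "arguments")).lower()
    reasons = []
    hit = [b for b in LOLBINS if b in cmdline]
    if hit:
        reasons.append("shortcut launches a living-off-the-land binary: " + ", ".join(hit))
    if ".dll" in cmdline:
        reasons.append("shortcut passes a DLL on the command line")
    return reasons


if __name__ == "__main__":
    # Placeholder target and export name, not values taken from the real New Folder.LNK
    lure = build_lnk("..\\..\\Windows\\System32\\rundll32.exe", "arch.dll,EntryPoint")
    parsed = parse_lnk(lure)
    print(parsed)
    for reason in triage(parsed):
        print("FLAG:", reason)
```

The parser skips the LinkTargetIDList and LinkInfo blocks rather than decoding them, so a shortcut that stores its target only in the IDList and carries no RelativePath will show up with arguments but no path; if the arguments alone are not conclusive, decode the IDList with a fuller parser before deciding. Treat any ISO-delivered shortcut whose command line names a DLL as worth detonating in a sandbox regardless of what the icon or file name suggests.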
Bumblebee Loader Signatures
Family: Trojan.BumbleBee
MD5: 16da4284ab7ab9d5669c34c339132ed6
SHA256: 1249075a0c4af8ecfeb4a3ab1e9ef692cb8876591d73f3470106402ab1592717
Bumblebee Loader Download