README.md Update June 2023 2023-06-06 10:26:07 +02:00

BumbleBee - Cyber Threat Intelligence

These indicators were reported, collected, and generated during the VulDB CTI analysis of the campaign known as BumbleBee. The activity monitoring correlates data from social media, forums, chat rooms, and darknet markets. It helps to determine associated actors, specific activities, expected intentions, emerging research, and ongoing attacks. Our unique predictive model uses big data to forecast activities and their characteristics.

Live data and more analysis capabilities are available at https://vuldb.com/?actor

Countries

These countries are directly (e.g. origin of attacks) or indirectly (e.g. access by proxy) associated with BumbleBee:

There are 4 more country items available. Please use our online service to access the data.

Actors

These actors are associated with BumbleBee or other actors linked to the campaign.

| ID | Actor | Confidence |
|----|-------|------------|
| 1 | xHunt | High |
| 2 | Exotic Lily | High |
| 3 | Bumblebee | High |
| 4 | ... | ... |

There are 2 more actor items available. Please use our online service to access the data.

IOC - Indicator of Compromise

These indicators of compromise (IOC) indicate associated network resources which are known to be part of research and attack activities of BumbleBee.


There are 1413 more IOC items available. Please use our online service to access the data.

TTP - Tactics, Techniques, Procedures

Tactics, techniques, and procedures (TTP) summarize the suspected MITRE ATT&CK techniques used within BumbleBee. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Weakness | Description | Confidence |
|----|-----------|----------|-------------|------------|
| 1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-29, CWE-36, CWE-425 | Pathname Traversal | High |
| 2 | T1055 | CWE-74 | Injection | High |
| 3 | T1059 | CWE-88, CWE-94 | Cross Site Scripting | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | High |
| 5 | ... | ... | ... | ... |

There are 17 more TTP items available. Please use our online service to access the data.

IOA - Indicator of Attack

These indicators of attack (IOA) list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration during BumbleBee. This data is unique as it uses our predictive model for actor profiling.


There are 190 more IOA items available (file, library, argument, input value, pattern, network port). Please use our online service to access the data.

References

The following list contains external sources which discuss the campaign and the associated activities:

Literature

The following articles explain our unique predictive cyber threat intelligence:

License

(c) 1997-2023 by vuldb.com. All data on this page is shared under the license CC BY-NC-SA 4.0. Questions? Check the FAQ, read the documentation or contact us!