← Back to Pulse Feed
PULSE DETAIL
Compilation Timestamp
2025-05-01 18:04:59 UTC
Entry Point 527**
Contained Sections 7
Written in C++, this malware functions as a first-stage backdoor designed to establish an initial foothold before continuing its stealthy attack to move into MAAS, operations, and development. Bumblebee is primarily delivered via phishing emails—often disguised as invoices—but its scope also includes PDFs, voicemails, zip files, and images. The malware is highly evasive, routinely checking its environment, executing payloads, and creating LOLBins. Related to Operation Endgame, it notably disrupted regsvr32.exe in May 2024. This specific variant was created on May 1, 2025, and appeared to be set into operation on May 5, 2025—interestingly, just one day after Microsoft changed its DKIM, SPF, and DMARC rules.
ed76019fbae16d3992d1939c38d620185f4520e128f80983a00cadc6a9c3b509
2025-05-05_77aa5cace886af5e61db8eb4c4cea57e_black-basta_cobalt-strike_satacom
MITRE ATT&CK & Malware Families
Indicators of Compromise (51 / 1005 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 01ad7ca8bc27f92355fd2895fc474157 | — | 2026-05-15 | |
| FileHash-MD5 | 069bccc9f31f57616e88c92650589bdd | — | 2026-05-15 | |
| FileHash-MD5 | 0a8c636978a996eeac05470a04186cda | MD5 of 514bdded73c49b95dd07444e05c898dc2f324611 | 2026-05-15 | |
| FileHash-MD5 | 1045ba04ee65640e89bde0b2684af495 | MD5 of 9ddb35fb947e55d340525ab38a635a5a705d6fe0 | 2026-05-15 | |
| FileHash-MD5 | 10fc635df6263e0df325be5f79cd6767 | MD5 of 742c3192e607e424eb4549542be1bbc53e6174e2 | 2026-05-15 | |
| FileHash-MD5 | 133cd2ed01953fe0f2fa9f28dfc4e730 | — | 2026-05-15 | |
| FileHash-MD5 | 1386dbc6dcc5e0be6fef05722ae572ec | — | 2026-05-15 | |
| FileHash-MD5 | 1bfe69d191b71933a372a80fe155e5b5 | MD5 of 2b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e | 2026-05-15 | |
| FileHash-MD5 | 1c0a578249b658f5dcd4b539eea9a329 | — | 2026-05-15 | |
| FileHash-MD5 | 2859c39887921dad2ff41feda44fe174 | — | 2026-05-15 | |
| FileHash-MD5 | 32d36d2b0719db2b739af803c5e1c2f5 | MD5 of 023c4f1159a2a05420f68daf939b9ac2b04ab082 | 2026-05-15 | |
| FileHash-MD5 | 337b0e65a856568778e25660f77bc80a | — | 2026-05-15 | |
| FileHash-MD5 | 34e49bb1dfddf6037f0001d9aefe7d61 | — | 2026-05-15 | |
| FileHash-MD5 | 365c9bfeb7d89244f2ce01c1de44cb85 | — | 2026-05-15 | |
| FileHash-MD5 | 4101128e19134a4733028cfaafc2f3bb | — | 2026-05-15 | |
| FileHash-MD5 | 497904b0eb8719ac47b0bc11519b74d0 | MD5 of d1eb23a46d17d68fd92564c2f1f1601764d8e349 | 2026-05-15 | |
| FileHash-MD5 | 4aa6c1d3dbe4bffd77e9a8f9ba7ed187 | — | 2026-05-15 | |
| FileHash-MD5 | 502e5e195c115deebd52c2f229763e0a | — | 2026-05-15 | |
| FileHash-MD5 | 59c25b05ddbc9d3f4c41c421882b2133 | MD5 of e54976a989e830310999a0d67c3b526f28c818c7 | 2026-05-15 | |
| FileHash-MD5 | 5b11cf21f5249ec675c2074c2467b3d6 | MD5 of 21dd10ed31bb32d5700bac8d92deaba9f6b723bb | 2026-05-15 | |
| FileHash-MD5 | 5e55731824cf9205cfabeab9a0600887 | — | 2026-05-15 | |
| FileHash-MD5 | 6a9ca97c039d9bbb7abf40b53c851198 | — | 2026-05-15 | |
| FileHash-MD5 | 6f4b8eb45a965372156086201207c81f | — | 2026-05-15 | |
| FileHash-MD5 | 70c3743909329f059ee883254e8bf64b | — | 2026-05-15 | |
| FileHash-MD5 | 71d0a5ff2d59741694bee37d1e5c860b | MD5 of 92b46c76e13054e104f230517e6e504d43ab10b5 | 2026-05-15 | |
| FileHash-MD5 | 7a7953f79aa6621ae63fde89dc55033c | — | 2026-05-15 | |
| FileHash-MD5 | 7f667a71d3eb6978209a51149d83da20 | MD5 of be36a4562fb2ee05dbb3d32323adf445084ed656 | 2026-05-15 | |
| FileHash-MD5 | 8140bdc5803a4893509f0e39b67158ce | — | 2026-05-15 | |
| FileHash-MD5 | 862727139ab02e81d00405310c1d788e | MD5 of dd2314752984329a4ea0180e5786b57c8ec5fd3a | 2026-05-15 | |
| FileHash-MD5 | 8769adafca3a6fc6ef26f01fd31afa84 | — | 2026-05-15 | |
| FileHash-MD5 | 97ee623f1217a7b4b7de5769b7b665d6 | — | 2026-05-15 | |
| FileHash-MD5 | 9a24c8c35e4ac4b1597124c1dcbebe0f | — | 2026-05-15 | |
| FileHash-MD5 | 9a4957bdc2a783ed4ba681cba2c99c5c | — | 2026-05-15 | |
| FileHash-MD5 | b4a170be3c3e502bd8e41f0a05dd79e1 | — | 2026-05-15 | |
| FileHash-MD5 | bc58eb17a9c2e48e97a12174818d969d | — | 2026-05-15 | |
| FileHash-MD5 | bd18f35f8a56415ec604d97bd3dd44c4 | MD5 of 63f51eb5dafeb24327e3bcb63828336c920b4fcd | 2026-05-15 | |
| FileHash-MD5 | d0254ed67b38c020bfc521283ae81481 | — | 2026-05-15 | |
| FileHash-MD5 | d30149d319efcaecf0a5c5e71ef6cb39 | MD5 of 99beeb17bfc69e8370036f9457edb4d6812b22e2 | 2026-05-15 | |
| FileHash-MD5 | d47e6acf09ead5774d5b471ab3ab96ff | — | 2026-05-15 | |
| FileHash-MD5 | dba8bbed03ce702482cc492b1ce936c8 | MD5 of a8c841a943d0c1493db3cb1e5e98f9df8f3feb72 | 2026-05-15 | |
| FileHash-MD5 | de4d104ea13b70c093b07219d2eff6cb | — | 2026-05-15 | |
| FileHash-MD5 | e1c07ea0aabbd4b77b84c228117808a7 | MD5 of cdd4eeae6000ac7f40c3802c171e30148030c072 | 2026-05-15 | |
| FileHash-MD5 | e2fcb0ad9ea59332c808928b4b439e7a | — | 2026-05-15 | |
| FileHash-MD5 | e3d495cf14d857349554a3606a8e7210 | MD5 of db0843b89a84fb37efd3c76168bcb303174aac29 | 2026-05-15 | |
| FileHash-MD5 | eb1577b40b3c8babae346dd98ead0780 | MD5 of 51501fbfce69189d609cfaf140c576755dcc1fdf | 2026-05-15 | |
| FileHash-MD5 | ec21b8ae27649fbd846193c63bc9265f | — | 2026-05-15 | |
| FileHash-MD5 | f12681a472b9dd04a812e16096514974 | — | 2026-05-15 | |
| FileHash-MD5 | f811933950629043f05c6494bddb5476 | — | 2026-05-15 | |
| FileHash-MD5 | fa8fa9c9d1fc103e211327840f5d1052 | — | 2026-05-15 | |
| FileHash-MD5 | ff8300999335c939fcce94f2e7f039c0 | — | 2026-05-15 | |
| FileHash-MD5 | 77aa5cace886af5e61db8eb4c4cea57e | MD5 of 579b8c30100421557b93994aa6395f426efc0cb8 | 2026-05-15 |