BumbleBee Used To Drop A Meterpreter Agent
The intrusion began with the delivery of an ISO file that contained an LNK and a DLL.
The threat actors leveraged BumbleBee to load a Meterpreter agent and Cobalt Strike Beacons.
They then performed reconnaissance, used two different UAC bypass techniques, dumped credentials, escalated privileges using a ZeroLogon exploit, and moved laterally through the environment.