Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
29-11-2020 15:49
General
-
Target
c1d31fa7484170247564e89c97cc325d1f317fb8c8efe50e4d126c7881adf499.exe
-
Size
259KB
-
MD5
1f4928730be377f7affb80c3f5305883
-
SHA1
50b760064a237f123f0f06a846b78cf58713cad1
-
SHA256
c1d31fa7484170247564e89c97cc325d1f317fb8c8efe50e4d126c7881adf499
-
SHA512
58ecec71935ab0c490d1011da04aba3d694443b67c576421e6a9e4dc615a5f43b6ee84e2d9a3a48c2895fe28b94955604c2080de290b13ecc086127e5f4dfa54
Malware Config
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Executes dropped EXE 1 IoCs
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c1d31fa7484170247564e89c97cc325d1f317fb8c8efe50e4d126c7881adf499.exe"C:\Users\Admin\AppData\Local\Temp\c1d31fa7484170247564e89c97cc325d1f317fb8c8efe50e4d126c7881adf499.exe"1⤵
- Drops file in Windows directory
-
C:\ProgramData\idlscj\hujcpq.exeC:\ProgramData\idlscj\hujcpq.exe start1⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\ProgramData\idlscj\hujcpq.exeMD5
1f4928730be377f7affb80c3f5305883
SHA150b760064a237f123f0f06a846b78cf58713cad1
SHA256c1d31fa7484170247564e89c97cc325d1f317fb8c8efe50e4d126c7881adf499
SHA51258ecec71935ab0c490d1011da04aba3d694443b67c576421e6a9e4dc615a5f43b6ee84e2d9a3a48c2895fe28b94955604c2080de290b13ecc086127e5f4dfa54
-
C:\ProgramData\idlscj\hujcpq.exeMD5
1f4928730be377f7affb80c3f5305883
SHA150b760064a237f123f0f06a846b78cf58713cad1
SHA256c1d31fa7484170247564e89c97cc325d1f317fb8c8efe50e4d126c7881adf499
SHA51258ecec71935ab0c490d1011da04aba3d694443b67c576421e6a9e4dc615a5f43b6ee84e2d9a3a48c2895fe28b94955604c2080de290b13ecc086127e5f4dfa54