Overview

overview

10

Static

static

foo.exe

windows7_x64

10

foo.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    foo.exe

  • Size

    652KB

  • Sample

    210514-crl3dvq64e

  • MD5

    fa93cfe0898c704551cefdfa193d406f

  • SHA1

    f8af1b293aecdb3d1fe038b4b638f283ee852287

  • SHA256

    2dc93817039e6fa4fae014e1386cffa7ac35b89feac59d8abe7f51be1c089580

  • SHA512

    419ef243f4581f8ef7ffc9a85842417db3df20915a9685f4191e8febb0406bc871210d3fc74c6827243fe2ba3c842b266e3c21d19eb89c39ba29e24477874f17

Score
10/10
systembctrojan

Malware Config

Extracted

Family

systembc

C2

23.227.202.22:4142

79.110.52.9:4142

Targets

    • Target

      foo.exe

    • Size

      652KB

    • MD5

      fa93cfe0898c704551cefdfa193d406f

    • SHA1

      f8af1b293aecdb3d1fe038b4b638f283ee852287

    • SHA256

      2dc93817039e6fa4fae014e1386cffa7ac35b89feac59d8abe7f51be1c089580

    • SHA512

      419ef243f4581f8ef7ffc9a85842417db3df20915a9685f4191e8febb0406bc871210d3fc74c6827243fe2ba3c842b266e3c21d19eb89c39ba29e24477874f17

    Score
    10/10
    systembctrojan

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

      trojansystembc

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks