systembc | 3dcc7887a109458f2293cc93b2ac8c0555d94113d1dff3e793e25f211563332f | Triage

Sharing

General

Target

sid.exe
Size

417KB
Sample

210604-5f2g7e4vxs
MD5

3717f19e054f64f9c0313947bd880726
SHA1

ed71be8e7ec8d0c21ec5b6b02e1265f217a9b0ce
SHA256

3dcc7887a109458f2293cc93b2ac8c0555d94113d1dff3e793e25f211563332f
SHA512

c57c96fafca612f2d5ce9cb8ebc57ab270e0fb9a47632e657e1bc1dea2cc3e841f4a50e6a134b29672e8de9a2df4ac3e132de3ba235ebb08301dc9c04b6ae86b

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

23.19.227.233:4142

192.168.1.149:4142

Targets

- Target
  
  sid.exe
- Size
  
  417KB
- MD5
  
  3717f19e054f64f9c0313947bd880726
- SHA1
  
  ed71be8e7ec8d0c21ec5b6b02e1265f217a9b0ce
- SHA256
  
  3dcc7887a109458f2293cc93b2ac8c0555d94113d1dff3e793e25f211563332f
- SHA512
  
  c57c96fafca612f2d5ce9cb8ebc57ab270e0fb9a47632e657e1bc1dea2cc3e841f4a50e6a134b29672e8de9a2df4ac3e132de3ba235ebb08301dc9c04b6ae86b
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2