Analysis
-
max time kernel
64s -
max time network
140s -
platform
windows10_x64 -
resource
win10v20210408 -
submitted
04-07-2021 11:02
General
-
Target
9fbeabd476a205fecdcbe66f7c0e54cd.exe
-
Size
627KB
-
MD5
9fbeabd476a205fecdcbe66f7c0e54cd
-
SHA1
63bffa21cecd8d2604fbc9561c7a047a5a2df657
-
SHA256
bddbc443969ee9ba73dcdca9bec564e4cbeadf3c606681d9ce134b1f356f31f5
-
SHA512
73e80daaf8ea5c3ef6d7193e92e03ca0fb2b98be3da84d44aa362a4e4cc06a365ff7bb1cd90226c666a36d4f1f92511a82c516238e9f8d42c50e83b950b2fbb5
Score
10/10
Malware Config
Extracted
Family
systembc
C2
185.215.113.32:4000
78.47.64.46:4000
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9fbeabd476a205fecdcbe66f7c0e54cd.exe"C:\Users\Admin\AppData\Local\Temp\9fbeabd476a205fecdcbe66f7c0e54cd.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\9fbeabd476a205fecdcbe66f7c0e54cd.exeC:\Users\Admin\AppData\Local\Temp\9fbeabd476a205fecdcbe66f7c0e54cd.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/568-115-0x0000000002230000-0x0000000002235000-memory.dmpFilesize
20KB
-
memory/568-114-0x0000000000760000-0x0000000000761000-memory.dmpFilesize
4KB
-
memory/568-116-0x0000000000400000-0x00000000004A2000-memory.dmpFilesize
648KB
-
memory/3172-117-0x00000000001F0000-0x00000000001F1000-memory.dmpFilesize
4KB
-
memory/3172-119-0x0000000000400000-0x00000000004A2000-memory.dmpFilesize
648KB