Analysis
-
max time kernel
110s -
max time network
142s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
07-11-2021 14:06
General
-
Target
67b9f1191173ac067c5b021228a7aeb57084b06a77781c98de4377381afd97d3.exe
-
Size
256KB
-
MD5
7955ca3468136c1b409fa0d68d5ce81c
-
SHA1
951231c1c92dac6c12c05a45598f16aea5674873
-
SHA256
67b9f1191173ac067c5b021228a7aeb57084b06a77781c98de4377381afd97d3
-
SHA512
2a4d6caa955108545357f923a34d1e08a1bd8635c775ff0bf8de44ddb1300903112828562deddb0de914844bede4840dde9479ca8e7ab1d30034c37de5cdbdc0
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.209.70.71:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\67b9f1191173ac067c5b021228a7aeb57084b06a77781c98de4377381afd97d3.exe"C:\Users\Admin\AppData\Local\Temp\67b9f1191173ac067c5b021228a7aeb57084b06a77781c98de4377381afd97d3.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\67b9f1191173ac067c5b021228a7aeb57084b06a77781c98de4377381afd97d3.exeC:\Users\Admin\AppData\Local\Temp\67b9f1191173ac067c5b021228a7aeb57084b06a77781c98de4377381afd97d3.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1324-118-0x0000000000400000-0x000000000044A000-memory.dmpFilesize
296KB
-
memory/3380-116-0x00000000005C0000-0x00000000005C5000-memory.dmpFilesize
20KB
-
memory/3380-115-0x00000000005B0000-0x00000000005B6000-memory.dmpFilesize
24KB
-
memory/3380-117-0x0000000000400000-0x000000000044A000-memory.dmpFilesize
296KB