Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows10_x64
  • resource
    win10-en-20211104
  • submitted
    09-11-2021 13:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe

  • Size

    288KB

  • MD5

    ceea6086ee35470471020567279f18ff

  • SHA1

    fbf5e7816d1c6a2784a567ff3cf2cce01e63eade

  • SHA256

    dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841

  • SHA512

    9a268958653a9fb3eeee7ad2cb01ff0d97818ad86f104f61e472a48e522d2d57efab0d57dfb0b9f26a2068ab27d6273472723829473ad688ad37497dd6ce76cc

Score
10/10
systembctrojan

Malware Config

Extracted

Family

systembc

C2

91.209.70.71:4199

192.53.123.202:4199

Signatures

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc
  • Drops file in Windows directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe
    "C:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe"
    1⤵
    • Drops file in Windows directory
    PID:3476
  • C:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe
    C:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe start
    1⤵
      PID:4332

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3476-118-0x0000000002DA9000-0x0000000002DB9000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3476-119-0x0000000002B40000-0x0000000002C8A000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/3476-120-0x0000000000400000-0x0000000002B40000-memory.dmp

      Filesize

      39.2MB

      Download

    • memory/4332-121-0x0000000002E7D000-0x0000000002E8D000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4332-123-0x0000000000400000-0x0000000002B40000-memory.dmp

      Filesize

      39.2MB

      Download

    • memory/4332-122-0x0000000002C60000-0x0000000002C65000-memory.dmp

      Filesize

      20KB

      Download