Analysis
-
max time kernel
148s -
max time network
148s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
09-11-2021 13:29
General
-
Target
dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe
-
Size
288KB
-
MD5
ceea6086ee35470471020567279f18ff
-
SHA1
fbf5e7816d1c6a2784a567ff3cf2cce01e63eade
-
SHA256
dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841
-
SHA512
9a268958653a9fb3eeee7ad2cb01ff0d97818ad86f104f61e472a48e522d2d57efab0d57dfb0b9f26a2068ab27d6273472723829473ad688ad37497dd6ce76cc
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.209.70.71:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe"C:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exeC:\Users\Admin\AppData\Local\Temp\dc2cc95ccbdce16e8eebfac5468293db643425246eefb52b5ea04f742e9b6841.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3476-118-0x0000000002DA9000-0x0000000002DB9000-memory.dmpFilesize
64KB
-
memory/3476-119-0x0000000002B40000-0x0000000002C8A000-memory.dmpFilesize
1.3MB
-
memory/3476-120-0x0000000000400000-0x0000000002B40000-memory.dmpFilesize
39.2MB
-
memory/4332-121-0x0000000002E7D000-0x0000000002E8D000-memory.dmpFilesize
64KB
-
memory/4332-123-0x0000000000400000-0x0000000002B40000-memory.dmpFilesize
39.2MB
-
memory/4332-122-0x0000000002C60000-0x0000000002C65000-memory.dmpFilesize
20KB