Analysis
-
max time kernel
148s -
max time network
148s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
09-11-2021 14:33
General
-
Target
995f677470403ca3e19c741da0ae34fece55ac8def41bd84d4d35554a3c2bbd1.exe
-
Size
287KB
-
MD5
37c2b5ed53bf8dd130d8e99cde8876d8
-
SHA1
ee7d5bcdfee3661193abb01cc1148473e752325b
-
SHA256
995f677470403ca3e19c741da0ae34fece55ac8def41bd84d4d35554a3c2bbd1
-
SHA512
fcfc0b91490ef7e9d80f8208b90556d80461b57d86b4e03bda0e40953f05a5cb615baf0e6a5f7a9bb56c23132cf006354b3b13ac1c24222b64a0a4ef19b6c77f
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.209.70.71:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\995f677470403ca3e19c741da0ae34fece55ac8def41bd84d4d35554a3c2bbd1.exe"C:\Users\Admin\AppData\Local\Temp\995f677470403ca3e19c741da0ae34fece55ac8def41bd84d4d35554a3c2bbd1.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\995f677470403ca3e19c741da0ae34fece55ac8def41bd84d4d35554a3c2bbd1.exeC:\Users\Admin\AppData\Local\Temp\995f677470403ca3e19c741da0ae34fece55ac8def41bd84d4d35554a3c2bbd1.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4052-118-0x0000000002E89000-0x0000000002E9A000-memory.dmpFilesize
68KB
-
memory/4052-119-0x0000000002CA0000-0x0000000002CA5000-memory.dmpFilesize
20KB
-
memory/4052-120-0x0000000000400000-0x0000000002B40000-memory.dmpFilesize
39.2MB
-
memory/4276-122-0x0000000002B40000-0x0000000002BEE000-memory.dmpFilesize
696KB
-
memory/4276-123-0x0000000000400000-0x0000000002B40000-memory.dmpFilesize
39.2MB