Analysis
-
max time kernel
147s -
max time network
152s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
09-11-2021 15:33
General
-
Target
13d745875c936f4e1a14f8a9ea0e47307e108a85de099863300c33683cf434d5.exe
-
Size
288KB
-
MD5
b0f7bd15a71edc950651331efff96b50
-
SHA1
8c7c5d56bc38d96fc98e58d00891c00047d49634
-
SHA256
13d745875c936f4e1a14f8a9ea0e47307e108a85de099863300c33683cf434d5
-
SHA512
6de6089e01dcfac94627027ad86fab326656f7533c5d9a110de3d23500b4b0a7c61e7e58f6d22afa42bd99b3e17cfbd1c04ec5fb8ddebd0a35321399ca26f05c
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.209.70.71:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\13d745875c936f4e1a14f8a9ea0e47307e108a85de099863300c33683cf434d5.exe"C:\Users\Admin\AppData\Local\Temp\13d745875c936f4e1a14f8a9ea0e47307e108a85de099863300c33683cf434d5.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\13d745875c936f4e1a14f8a9ea0e47307e108a85de099863300c33683cf434d5.exeC:\Users\Admin\AppData\Local\Temp\13d745875c936f4e1a14f8a9ea0e47307e108a85de099863300c33683cf434d5.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1548-118-0x0000000002E5D000-0x0000000002E6D000-memory.dmpFilesize
64KB
-
memory/1548-119-0x0000000000400000-0x0000000002B3F000-memory.dmpFilesize
39.2MB
-
memory/3428-116-0x0000000002CD0000-0x0000000002CD5000-memory.dmpFilesize
20KB
-
memory/3428-117-0x0000000000400000-0x0000000002B3F000-memory.dmpFilesize
39.2MB