Analysis
-
max time kernel
119s -
max time network
145s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
09-11-2021 20:28
General
-
Target
2cadc2941d9a86d723cc5c17f0b07fe3e009b9b42a842db3d0387c9220e6637b.exe
-
Size
286KB
-
MD5
f2e4207075f836e986948cd520419ff6
-
SHA1
b3f24905b9113fdbb24bf961e3bfc250f50b07b9
-
SHA256
2cadc2941d9a86d723cc5c17f0b07fe3e009b9b42a842db3d0387c9220e6637b
-
SHA512
f77871ae21bbd13722bda4c226c5c48a24ea4916fffb190059af027cbd0f05e7abe2222e4960e068852a1085f161b62c9ef4ad187c8b1e60726fb89b054a84d5
Score
10/10
Malware Config
Extracted
Family
systembc
C2
fre22.ddns.net:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2cadc2941d9a86d723cc5c17f0b07fe3e009b9b42a842db3d0387c9220e6637b.exe"C:\Users\Admin\AppData\Local\Temp\2cadc2941d9a86d723cc5c17f0b07fe3e009b9b42a842db3d0387c9220e6637b.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\2cadc2941d9a86d723cc5c17f0b07fe3e009b9b42a842db3d0387c9220e6637b.exeC:\Users\Admin\AppData\Local\Temp\2cadc2941d9a86d723cc5c17f0b07fe3e009b9b42a842db3d0387c9220e6637b.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3936-119-0x0000000002B40000-0x0000000002BEE000-memory.dmpFilesize
696KB
-
memory/3936-120-0x0000000000400000-0x0000000002B40000-memory.dmpFilesize
39.2MB
-
memory/4240-122-0x00000000033D0000-0x00000000033D5000-memory.dmpFilesize
20KB
-
memory/4240-123-0x0000000000400000-0x0000000002B40000-memory.dmpFilesize
39.2MB