Analysis
-
max time kernel
109s -
max time network
140s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
12-11-2021 12:20
General
-
Target
26ba2f4aed0d0811156c5441253c80c64e3ceb3ce6361e972a073e97916bc2bb.exe
-
Size
158KB
-
MD5
b382a33fc78de7cedcb81cd03ff017a7
-
SHA1
bd278d914b20167533b9eb419bfd7e7035e2648d
-
SHA256
26ba2f4aed0d0811156c5441253c80c64e3ceb3ce6361e972a073e97916bc2bb
-
SHA512
99e674d83d62430e9ce2105885445c599ae1c4bd9c41c486dad47a2f450d91859aa5d38f0140f1b788dfa8eeee6b425b52ac92cc2c7188fd23729c88f0ee24d8
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.212.150.113:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\26ba2f4aed0d0811156c5441253c80c64e3ceb3ce6361e972a073e97916bc2bb.exe"C:\Users\Admin\AppData\Local\Temp\26ba2f4aed0d0811156c5441253c80c64e3ceb3ce6361e972a073e97916bc2bb.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\26ba2f4aed0d0811156c5441253c80c64e3ceb3ce6361e972a073e97916bc2bb.exeC:\Users\Admin\AppData\Local\Temp\26ba2f4aed0d0811156c5441253c80c64e3ceb3ce6361e972a073e97916bc2bb.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1184-118-0x0000000000490000-0x00000000005DA000-memory.dmpFilesize
1.3MB
-
memory/1184-119-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB
-
memory/3280-115-0x0000000002150000-0x0000000002156000-memory.dmpFilesize
24KB
-
memory/3280-117-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB
-
memory/3280-116-0x0000000002160000-0x0000000002165000-memory.dmpFilesize
20KB