Analysis
-
max time kernel
117s -
max time network
142s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
12-11-2021 13:50
General
-
Target
33fb0cb7bf350a791e957a53111268aab9cbf787602d7e7e5959c79973b8d67a.exe
-
Size
159KB
-
MD5
798d747f24d6d2b0edf55ac65638dbe1
-
SHA1
886708c98a4fbb54f356f9f70f73db33cde4e83c
-
SHA256
33fb0cb7bf350a791e957a53111268aab9cbf787602d7e7e5959c79973b8d67a
-
SHA512
298b631064c17162429463ebbdf00344b37cac3b0207313f211e1d256d9c1346e59e8d805d0cf05c2f76fe29bb1fc25855cdc2f3d6dee458fa9589478ec495c8
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.212.150.113:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\33fb0cb7bf350a791e957a53111268aab9cbf787602d7e7e5959c79973b8d67a.exe"C:\Users\Admin\AppData\Local\Temp\33fb0cb7bf350a791e957a53111268aab9cbf787602d7e7e5959c79973b8d67a.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\33fb0cb7bf350a791e957a53111268aab9cbf787602d7e7e5959c79973b8d67a.exeC:\Users\Admin\AppData\Local\Temp\33fb0cb7bf350a791e957a53111268aab9cbf787602d7e7e5959c79973b8d67a.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/648-119-0x0000000000560000-0x00000000006AA000-memory.dmpFilesize
1.3MB
-
memory/648-118-0x0000000000560000-0x00000000006AA000-memory.dmpFilesize
1.3MB
-
memory/648-120-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB
-
memory/3032-115-0x00000000001D0000-0x00000000001D6000-memory.dmpFilesize
24KB
-
memory/3032-116-0x00000000001E0000-0x00000000001E5000-memory.dmpFilesize
20KB
-
memory/3032-117-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB