Analysis
-
max time kernel
109s -
max time network
142s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
12-11-2021 16:03
General
-
Target
5bbc088772a52d0bcd38796f079c06d61349aca2d24bee1bc27d2be0a194dc16.exe
-
Size
158KB
-
MD5
f90bc85b6a7281b58d74415a11ce19f9
-
SHA1
39416e0f953cb54e70a545853cb9160d6ea9d09b
-
SHA256
5bbc088772a52d0bcd38796f079c06d61349aca2d24bee1bc27d2be0a194dc16
-
SHA512
b3d230cdb5b0acdb0a7035e57687cdc1d2626b370c7fafc32092d41a8f3cf674f3b20c965f52328e9e85cf0642af9aab55dd33582fa3f8bef7ea3838b3c3493c
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.212.150.113:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\5bbc088772a52d0bcd38796f079c06d61349aca2d24bee1bc27d2be0a194dc16.exe"C:\Users\Admin\AppData\Local\Temp\5bbc088772a52d0bcd38796f079c06d61349aca2d24bee1bc27d2be0a194dc16.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\5bbc088772a52d0bcd38796f079c06d61349aca2d24bee1bc27d2be0a194dc16.exeC:\Users\Admin\AppData\Local\Temp\5bbc088772a52d0bcd38796f079c06d61349aca2d24bee1bc27d2be0a194dc16.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/424-119-0x0000000000510000-0x000000000065A000-memory.dmpFilesize
1.3MB
-
memory/424-120-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB
-
memory/424-118-0x0000000000440000-0x00000000004EE000-memory.dmpFilesize
696KB
-
memory/2808-115-0x0000000000530000-0x000000000067A000-memory.dmpFilesize
1.3MB
-
memory/2808-116-0x0000000002160000-0x0000000002165000-memory.dmpFilesize
20KB
-
memory/2808-117-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB