Analysis
-
max time kernel
119s -
max time network
136s -
platform
windows10_x64 -
resource
win10-en-20211014 -
submitted
12-11-2021 19:04
General
-
Target
a0c692960754973608d015362a7f23613c526123d9dbb0c7a691fc5e7bb6e7a2.exe
-
Size
159KB
-
MD5
3ddd7324388cc1adec335f114c717f57
-
SHA1
0f422bd94a7ab9fecd344cfe71327c04cb8a4e71
-
SHA256
a0c692960754973608d015362a7f23613c526123d9dbb0c7a691fc5e7bb6e7a2
-
SHA512
3828e5b6ab8fb4aa45250bd7401f570c122ec8acc07bdfb6bfd8a39382e703304ec1d9c253c828e6ef13693569b9d84bb2aab0592f5ef74658b955a46c8483fe
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.212.150.113:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a0c692960754973608d015362a7f23613c526123d9dbb0c7a691fc5e7bb6e7a2.exe"C:\Users\Admin\AppData\Local\Temp\a0c692960754973608d015362a7f23613c526123d9dbb0c7a691fc5e7bb6e7a2.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\a0c692960754973608d015362a7f23613c526123d9dbb0c7a691fc5e7bb6e7a2.exeC:\Users\Admin\AppData\Local\Temp\a0c692960754973608d015362a7f23613c526123d9dbb0c7a691fc5e7bb6e7a2.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2804-116-0x0000000002170000-0x0000000002175000-memory.dmpFilesize
20KB
-
memory/2804-115-0x0000000002160000-0x0000000002166000-memory.dmpFilesize
24KB
-
memory/2804-117-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB
-
memory/4088-119-0x0000000000440000-0x00000000004EE000-memory.dmpFilesize
696KB
-
memory/4088-118-0x0000000000440000-0x00000000004EE000-memory.dmpFilesize
696KB
-
memory/4088-120-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB