Analysis
-
max time kernel
121s -
max time network
138s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
12-11-2021 20:44
General
-
Target
840484748ec07f88193bdbc1ec31ea075481b3da78920dddeb600359d60a64b0.exe
-
Size
158KB
-
MD5
69927c4711fa0f2195833bc662990b42
-
SHA1
0b5697f13c37497a93ddf9f991e73972112a3619
-
SHA256
840484748ec07f88193bdbc1ec31ea075481b3da78920dddeb600359d60a64b0
-
SHA512
3058189a04f46f854bed3cc36c555aba5321ab8f2bb1ff755d81f872b1bf9b8c8f3b803c8be419b04ab0216fa24c264387fde2f6a85f0691c893cc585a942205
Score
10/10
Malware Config
Extracted
Family
systembc
C2
91.212.150.113:4199
192.53.123.202:4199
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\840484748ec07f88193bdbc1ec31ea075481b3da78920dddeb600359d60a64b0.exe"C:\Users\Admin\AppData\Local\Temp\840484748ec07f88193bdbc1ec31ea075481b3da78920dddeb600359d60a64b0.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\840484748ec07f88193bdbc1ec31ea075481b3da78920dddeb600359d60a64b0.exeC:\Users\Admin\AppData\Local\Temp\840484748ec07f88193bdbc1ec31ea075481b3da78920dddeb600359d60a64b0.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2320-122-0x00000000005C0000-0x00000000005C5000-memory.dmpFilesize
20KB
-
memory/2320-121-0x00000000005A0000-0x00000000005A6000-memory.dmpFilesize
24KB
-
memory/2320-123-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB
-
memory/4060-118-0x00000000004D0000-0x000000000061A000-memory.dmpFilesize
1.3MB
-
memory/4060-119-0x00000000004D0000-0x000000000061A000-memory.dmpFilesize
1.3MB
-
memory/4060-120-0x0000000000400000-0x0000000000431000-memory.dmpFilesize
196KB