Analysis
-
max time kernel
122s -
max time network
142s -
platform
windows10_x64 -
resource
win10-en-20211104 -
submitted
28-11-2021 21:32
General
-
Target
aecd79e61e087039809b61fe69802c21.exe
-
Size
296KB
-
MD5
aecd79e61e087039809b61fe69802c21
-
SHA1
3dd2487251cb032074b1e0ab9d2f51dc1441de93
-
SHA256
240ee6db893981a6dd47ffc0932dcf343d09517e8aebc07dc712e6745ee59a27
-
SHA512
d60b096f79063b28220f64222157c8639561d56565c955921824e43c6df086ae3886acec7ca70d290e331032009269e389cd8ad710d389e105fe3f02dce4ca92
Score
10/10
Malware Config
Extracted
Family
systembc
C2
178.20.41.173:4001
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\aecd79e61e087039809b61fe69802c21.exe"C:\Users\Admin\AppData\Local\Temp\aecd79e61e087039809b61fe69802c21.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\aecd79e61e087039809b61fe69802c21.exeC:\Users\Admin\AppData\Local\Temp\aecd79e61e087039809b61fe69802c21.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2660-118-0x0000000001DF9000-0x0000000001E0A000-memory.dmpFilesize
68KB
-
memory/2660-120-0x0000000000400000-0x0000000001C00000-memory.dmpFilesize
24.0MB
-
memory/2660-119-0x00000000001E0000-0x00000000001E5000-memory.dmpFilesize
20KB
-
memory/3960-121-0x0000000001E5E000-0x0000000001E6E000-memory.dmpFilesize
64KB
-
memory/3960-123-0x0000000000400000-0x0000000001C00000-memory.dmpFilesize
24.0MB
-
memory/3960-122-0x0000000001C00000-0x0000000001D4A000-memory.dmpFilesize
1.3MB