Overview

overview

10

Static

static

dridex

windows10_x64

10

Analysis

  • max time kernel
    108s
  • max time network
    143s
  • platform
    windows10_x64
  • resource
    win10-en-20211014
  • submitted
    08-12-2021 09:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    617f9d822418a44cac50b28755f2d075fac1c2de21995820912f07f4b4ee8075.exe

  • Size

    232KB

  • MD5

    fd4e0205ce36f99ff343a78ec3e251bc

  • SHA1

    b633df31339acb69f708a41fd227298420fd4036

  • SHA256

    617f9d822418a44cac50b28755f2d075fac1c2de21995820912f07f4b4ee8075

  • SHA512

    f413a054603bc0bc86d1657e3960c4b691e7900be36e9470a408264cb63ad0eb9d7cea7b83dbfdf7f727ea5c359d7d6ab5b565ab60976735d67f00c5a082f50e

Score
10/10
systembctrojan

Malware Config

Extracted

Family

systembc

C2

185.209.30.180:4001

Signatures

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc
  • Drops file in Windows directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\617f9d822418a44cac50b28755f2d075fac1c2de21995820912f07f4b4ee8075.exe
    "C:\Users\Admin\AppData\Local\Temp\617f9d822418a44cac50b28755f2d075fac1c2de21995820912f07f4b4ee8075.exe"
    1⤵
    • Drops file in Windows directory
    PID:2452
  • C:\Users\Admin\AppData\Local\Temp\617f9d822418a44cac50b28755f2d075fac1c2de21995820912f07f4b4ee8075.exe
    C:\Users\Admin\AppData\Local\Temp\617f9d822418a44cac50b28755f2d075fac1c2de21995820912f07f4b4ee8075.exe start
    1⤵
      PID:2256

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2256-118-0x0000000002B80000-0x0000000002CCA000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2256-119-0x0000000002B80000-0x0000000002CCA000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2256-120-0x0000000000400000-0x0000000002B74000-memory.dmp

      Filesize

      39.5MB

      Download

    • memory/2452-115-0x0000000002B80000-0x0000000002CCA000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2452-116-0x0000000002B80000-0x0000000002CCA000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2452-117-0x0000000000400000-0x0000000002B74000-memory.dmp

      Filesize

      39.5MB

      Download