Analysis
-
max time kernel
118s -
max time network
145s -
platform
windows10_x64 -
resource
win10-en-20211208 -
submitted
22-12-2021 13:50
General
-
Target
086e9bc0fa2ae515cced5d746de30c0b8389e29ef756af95da84ec8e7c7359ec.exe
-
Size
327KB
-
MD5
8d91326c99f8cb867f886e065f88509f
-
SHA1
a6d0b07a91cc81c6729cc0b01fba0a5ac743e606
-
SHA256
086e9bc0fa2ae515cced5d746de30c0b8389e29ef756af95da84ec8e7c7359ec
-
SHA512
8a3ea897ae19a957ed27157b460f05eb459b6397dbd1016bb1e9dbdbd25424bfcdcd7342cc4e64a51b002fbefc6d2746b4754b2dfde48e6d20c1d2065664b103
Score
10/10
Malware Config
Extracted
Family
systembc
C2
185.70.184.41:4001
Signatures
-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Drops file in Windows directory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\086e9bc0fa2ae515cced5d746de30c0b8389e29ef756af95da84ec8e7c7359ec.exe"C:\Users\Admin\AppData\Local\Temp\086e9bc0fa2ae515cced5d746de30c0b8389e29ef756af95da84ec8e7c7359ec.exe"1⤵
- Drops file in Windows directory
-
C:\Users\Admin\AppData\Local\Temp\086e9bc0fa2ae515cced5d746de30c0b8389e29ef756af95da84ec8e7c7359ec.exeC:\Users\Admin\AppData\Local\Temp\086e9bc0fa2ae515cced5d746de30c0b8389e29ef756af95da84ec8e7c7359ec.exe start1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3828-115-0x0000000000886000-0x0000000000897000-memory.dmpFilesize
68KB
-
memory/3828-116-0x0000000000640000-0x0000000000645000-memory.dmpFilesize
20KB
-
memory/3828-117-0x0000000000400000-0x00000000004D2000-memory.dmpFilesize
840KB
-
memory/4548-118-0x00000000007AB000-0x00000000007BC000-memory.dmpFilesize
68KB
-
memory/4548-119-0x0000000000400000-0x00000000004D2000-memory.dmpFilesize
840KB