systembc | a48239f5b38d0ac9c388fd2af94f9c510f1f3fa241a2a434c6ab453774b70e2f | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10_x64

Sharing

General

Target

a48239f5b38d0ac9c388fd2af94f9c510f1f3fa241a2a434c6ab453774b70e2f
Size

575KB
Sample

220120-yxfmksbdh8
MD5

1d2e0c8bbbefd663e8f6f45534ba4d99
SHA1

82f642b063655ab32c5f0f17f7adad9b9b471702
SHA256

a48239f5b38d0ac9c388fd2af94f9c510f1f3fa241a2a434c6ab453774b70e2f
SHA512

221ef6738f6c4ee8e2d8287004a5874ee6e6e4435d08ec7660725dea0f781b5363dd5885810e1175984e8839a211b4034aff0f81b9fa02c7dfce2d174458b082

Score

10^/10

systembc trojan

Static task

static1

Behavioral task

behavioral1

Sample

a48239f5b38d0ac9c388fd2af94f9c510f1f3fa241a2a434c6ab453774b70e2f.exe

Resource

win10-en-20211208

systembc trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

systembc

C2

mainscpnl.xyz:4207

backpscpnl.xyz:4207

Targets

- Target
  
  a48239f5b38d0ac9c388fd2af94f9c510f1f3fa241a2a434c6ab453774b70e2f
- Size
  
  575KB
- MD5
  
  1d2e0c8bbbefd663e8f6f45534ba4d99
- SHA1
  
  82f642b063655ab32c5f0f17f7adad9b9b471702
- SHA256
  
  a48239f5b38d0ac9c388fd2af94f9c510f1f3fa241a2a434c6ab453774b70e2f
- SHA512
  
  221ef6738f6c4ee8e2d8287004a5874ee6e6e4435d08ec7660725dea0f781b5363dd5885810e1175984e8839a211b4034aff0f81b9fa02c7dfce2d174458b082
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Downloads MZ/PE file
- Executes dropped EXE
- Deletes itself
- Drops file in System32 directory
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy