systembc | f84a10e65b8b479c09668202550f40f3f7ccc5e3343e1a8ed6173e0873aefd11 | Triage

Submit
Reports

Overview

overview

Static

static

socks_cryp...te.exe

windows7_x64

socks_cryp...te.exe

windows10_x64

Sharing

General

Target

socks_crypt_update.exe
Size

317KB
Sample

220127-vpjgqagcbq
MD5

8f94de248d86fc855da27f403fca561f
SHA1

0ebd03d681c58e8431c761f695e49682860137f5
SHA256

f84a10e65b8b479c09668202550f40f3f7ccc5e3343e1a8ed6173e0873aefd11
SHA512

ad36cb1926ba630cb4441d3539295aee2cff164731fb6cdc061a3802e69f7e446b76f1012b1c1f2d0334a98d229e7479243afa4a5dc02e166662b72b27ec43fd

Score

10^/10

systembc suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

socks_crypt_update.exe

Resource

win7-en-20211208

systembc suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

socks_crypt_update.exe

Resource

win10-en-20211208

systembc suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

systembc

C2

186.2.171.65:4001

Targets

- Target
  
  socks_crypt_update.exe
- Size
  
  317KB
- MD5
  
  8f94de248d86fc855da27f403fca561f
- SHA1
  
  0ebd03d681c58e8431c761f695e49682860137f5
- SHA256
  
  f84a10e65b8b479c09668202550f40f3f7ccc5e3343e1a8ed6173e0873aefd11
- SHA512
  
  ad36cb1926ba630cb4441d3539295aee2cff164731fb6cdc061a3802e69f7e446b76f1012b1c1f2d0334a98d229e7479243afa4a5dc02e166662b72b27ec43fd
Score

10^/10

systembc suricata trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- suricata: ET MALWARE Win32/SystemBC CnC Checkin
  suricata: ET MALWARE Win32/SystemBC CnC Checkin
  suricata
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

systembcsuricatatrojan

behavioral2

systembcsuricatatrojan

© 2018-2024

Terms | Privacy