systembc | 68acbe23860fcebf344008d37030ba4f3d2a4e2fb209a72a2142690a32ba020f | Triage

Sharing

General

Target

68acbe23860fcebf344008d37030ba4f3d2a4e2fb209a72a2142690a32ba020f
Size

30KB
Sample

220201-gm512shffm
MD5

7a0ae9fabc401ba06f5e0900a7abed9b
SHA1

d39f9fb40153e0c9c381c76fce0a167759972924
SHA256

68acbe23860fcebf344008d37030ba4f3d2a4e2fb209a72a2142690a32ba020f
SHA512

f6c64cfbbf984ae46f95630f4d28c8098862f39e53e19cda077119a1f16ab2520956db3216911a44d835768e71291da9ef91e47d9d1706e406fb717efeb9a60f

Score

10^/10

systembc persistence

Malware Config

Extracted

Family

systembc

C2

185.61.138.99:4115

pikabu.store:4115

Targets

- Target
  
  68acbe23860fcebf344008d37030ba4f3d2a4e2fb209a72a2142690a32ba020f
- Size
  
  30KB
- MD5
  
  7a0ae9fabc401ba06f5e0900a7abed9b
- SHA1
  
  d39f9fb40153e0c9c381c76fce0a167759972924
- SHA256
  
  68acbe23860fcebf344008d37030ba4f3d2a4e2fb209a72a2142690a32ba020f
- SHA512
  
  f6c64cfbbf984ae46f95630f4d28c8098862f39e53e19cda077119a1f16ab2520956db3216911a44d835768e71291da9ef91e47d9d1706e406fb717efeb9a60f
Score

8^/10

persistence
- Blocklisted process makes network request
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2