systembc | 9ff5246727eb8baf06d825830b061df21a7e7b8ecf0f4f584da3b886643f84ed | Triage

Sharing

General

Target

9ff5246727eb8baf06d825830b061df21a7e7b8ecf0f4f584da3b886643f84ed
Size

95KB
Sample

220201-lle6fschb3
MD5

60da44c3d55f57e19fbdc9b6e9219a0a
SHA1

ebe56f8ae1f7fc3e958925e0682fe4bc15bb19c9
SHA256

9ff5246727eb8baf06d825830b061df21a7e7b8ecf0f4f584da3b886643f84ed
SHA512

765c52f5eabb2012ef113f1b81a2656390fb1527124961a7a5e401550aac864a2074b0d64b34ebe5e912e70058b6a470e5bb499041bf8c775c4a04e16c419a3c

Score

10^/10

systembc persistence trojan

Malware Config

Extracted

Family

systembc

C2

31.44.184.201:4081

31.44.184.202:4081

Targets

- Target
  
  9ff5246727eb8baf06d825830b061df21a7e7b8ecf0f4f584da3b886643f84ed
- Size
  
  95KB
- MD5
  
  60da44c3d55f57e19fbdc9b6e9219a0a
- SHA1
  
  ebe56f8ae1f7fc3e958925e0682fe4bc15bb19c9
- SHA256
  
  9ff5246727eb8baf06d825830b061df21a7e7b8ecf0f4f584da3b886643f84ed
- SHA512
  
  765c52f5eabb2012ef113f1b81a2656390fb1527124961a7a5e401550aac864a2074b0d64b34ebe5e912e70058b6a470e5bb499041bf8c775c4a04e16c419a3c
Score

10^/10

systembc trojan persistence
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

systembcpersistencetrojan