systembc | 5eaf5d22f937189275b6fae1257fc682194ca768a91d7b5e897770ad008f7112 | Triage

Sharing

General

Target

5eaf5d22f937189275b6fae1257fc682194ca768a91d7b5e897770ad008f7112
Size

84KB
Sample

220201-mb2gdadch5
MD5

e1e6cc20c8ac3d45b335605cb3ebad92
SHA1

60ceafc423200bb22495998aaada0df0b43b3d11
SHA256

5eaf5d22f937189275b6fae1257fc682194ca768a91d7b5e897770ad008f7112
SHA512

0837073758f5453d564fceb91daa70a28381ced357a8d041480b7f44ae9dfc4ff4c161643ac259ef4d69ee967e1a9d340c9d1ec2d76afedbb3e267f788403f18

Score

10^/10

systembc persistence trojan

Malware Config

Extracted

Family

systembc

C2

31.44.184.201:4081

31.44.184.202:4081

Targets

- Target
  
  5eaf5d22f937189275b6fae1257fc682194ca768a91d7b5e897770ad008f7112
- Size
  
  84KB
- MD5
  
  e1e6cc20c8ac3d45b335605cb3ebad92
- SHA1
  
  60ceafc423200bb22495998aaada0df0b43b3d11
- SHA256
  
  5eaf5d22f937189275b6fae1257fc682194ca768a91d7b5e897770ad008f7112
- SHA512
  
  0837073758f5453d564fceb91daa70a28381ced357a8d041480b7f44ae9dfc4ff4c161643ac259ef4d69ee967e1a9d340c9d1ec2d76afedbb3e267f788403f18
Score

10^/10

systembc trojan persistence
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

systembcpersistencetrojan