systembc | 1478aec44d67217a18fb2b88e9db45b9c15c468f2498f56f09a5d1fef4eafb66 | Triage

Sharing

General

Target

1478aec44d67217a18fb2b88e9db45b9c15c468f2498f56f09a5d1fef4eafb66
Size

51KB
Sample

220201-mzcg6adff4
MD5

914a8a27c511bacea375dbee8d88e165
SHA1

d017bdad365f3ecfda7a0c0936f6ed8c708c413c
SHA256

1478aec44d67217a18fb2b88e9db45b9c15c468f2498f56f09a5d1fef4eafb66
SHA512

884418991e70ed09aaa40381888cd3fbe9b739665d515aae055fab8b0bfd239f3a5d647887633ef58d6d1b36a3af3e2269c283d75fe32a68eb0e24d07310818a

Score

10^/10

systembc persistence trojan

Malware Config

Extracted

Family

systembc

C2

141.255.166.149:4125

5.188.62.165:4125

Targets

- Target
  
  1478aec44d67217a18fb2b88e9db45b9c15c468f2498f56f09a5d1fef4eafb66
- Size
  
  51KB
- MD5
  
  914a8a27c511bacea375dbee8d88e165
- SHA1
  
  d017bdad365f3ecfda7a0c0936f6ed8c708c413c
- SHA256
  
  1478aec44d67217a18fb2b88e9db45b9c15c468f2498f56f09a5d1fef4eafb66
- SHA512
  
  884418991e70ed09aaa40381888cd3fbe9b739665d515aae055fab8b0bfd239f3a5d647887633ef58d6d1b36a3af3e2269c283d75fe32a68eb0e24d07310818a
Score

10^/10

systembc trojan persistence
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

systembcpersistencetrojan