systembc | 1479da55bc8333e46c9923be0e8a57f6597fe4482e263f37581fadb8492eb7c7 | Triage

Submit
Reports

Overview

overview

Static

static

s.exe

windows7_x64

s.exe

windows10-2004_x64

Sharing

General

Target

s.exe
Size

261KB
Sample

220206-lx6gsahebk
MD5

b536287b4579805e670c79ba866c7d46
SHA1

31266436fe5ce008a27d96e729470a75dde1c440
SHA256

1479da55bc8333e46c9923be0e8a57f6597fe4482e263f37581fadb8492eb7c7
SHA512

f4ef6338a30b4b7a4b1b812cc5763c8528cba357d5969a0d07b49df6b3d92644144fdd7ec38ef23a35e84f6c3e0eecf2b5e43b08dc6a5eaaeb7c8390f27ee508

Score

10^/10

systembc suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

s.exe

Resource

win7-en-20211208

systembc suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

s.exe

Resource

win10v2004-en-20220112

systembc suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

systembc

C2

194.33.45.6:4001

Targets

- Target
  
  s.exe
- Size
  
  261KB
- MD5
  
  b536287b4579805e670c79ba866c7d46
- SHA1
  
  31266436fe5ce008a27d96e729470a75dde1c440
- SHA256
  
  1479da55bc8333e46c9923be0e8a57f6597fe4482e263f37581fadb8492eb7c7
- SHA512
  
  f4ef6338a30b4b7a4b1b812cc5763c8528cba357d5969a0d07b49df6b3d92644144fdd7ec38ef23a35e84f6c3e0eecf2b5e43b08dc6a5eaaeb7c8390f27ee508
Score

10^/10

systembc suricata trojan
- Suspicious use of NtCreateProcessExOtherParentProcess
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)
  suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)
  suricata
- suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile
  suricata
- suricata: ET MALWARE Win32/SystemBC CnC Checkin
  suricata: ET MALWARE Win32/SystemBC CnC Checkin
  suricata
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcsuricatatrojan

behavioral2

systembcsuricatatrojan

© 2018-2024

Terms | Privacy