General

  • Target

    550c8e114b13d07fe8fd7cd6e9915267996c6634c1e81f23ff9fe7da2ba74919

  • Size

    310KB

  • Sample

    220208-ghyfeaebg9

  • MD5

    455dea94a907225687474ee6e3206c0c

  • SHA1

    23f0a35eb339aa4d7ed9040082daf13ac1db4959

  • SHA256

    550c8e114b13d07fe8fd7cd6e9915267996c6634c1e81f23ff9fe7da2ba74919

  • SHA512

    dbe42bcc911441ebd309c3df9340b000f35514d5bb6a5729a379ca770959c227fcc19d2c727dccaea23e47fcd5ee46290c055e249367aef37886f88102076b15

Score
10/10

Malware Config

Extracted

Family

systembc

C2

207.32.216.202:4211

192.53.123.202:4211

Targets

    • Target

      550c8e114b13d07fe8fd7cd6e9915267996c6634c1e81f23ff9fe7da2ba74919

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.
