Overview

overview

10

Static

static

702a1b613e...a3.exe

windows7_x64

10

702a1b613e...a3.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    702a1b613e1293c407192b59d890b208f6a3b0c71c75f292b9d45b566591eda3

  • Size

    209KB

  • Sample

    220212-dr6atsghcq

  • MD5

    5cdf1b191b0b18d04353640f96c5daef

  • SHA1

    ea46f37af7b78d91934ab0010abaf436437585f9

  • SHA256

    702a1b613e1293c407192b59d890b208f6a3b0c71c75f292b9d45b566591eda3

  • SHA512

    3439b69b3e6db586dc8733094e2ca265a67c58e499c163f4be7d780bf2febe18819163b7e34108a4e3ff6f94e7f770345c099df69b50c82f455dfb15622d0be4

Score
10/10
systembctrojan

Malware Config

Extracted

Family

systembc

C2

195.2.73.44:4001

Targets

    • Target

      702a1b613e1293c407192b59d890b208f6a3b0c71c75f292b9d45b566591eda3

    • Size

      209KB

    • MD5

      5cdf1b191b0b18d04353640f96c5daef

    • SHA1

      ea46f37af7b78d91934ab0010abaf436437585f9

    • SHA256

      702a1b613e1293c407192b59d890b208f6a3b0c71c75f292b9d45b566591eda3

    • SHA512

      3439b69b3e6db586dc8733094e2ca265a67c58e499c163f4be7d780bf2febe18819163b7e34108a4e3ff6f94e7f770345c099df69b50c82f455dfb15622d0be4

    Score
    10/10
    systembctrojan

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

      trojansystembc
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks