systembc | 134aec21b9a203def04fecc854e19e5f59bc129c0a42bf8c10aa5af161077bb7 | Triage

Sharing

General

Target

134aec21b9a203def04fecc854e19e5f59bc129c0a42bf8c10aa5af161077bb7
Size

319KB
Sample

220212-pa62ksdggp
MD5

03a38f91d32612992a31ea130aa780db
SHA1

74f0b8e1e5e3d91069ed061856cbc7306b5c852c
SHA256

134aec21b9a203def04fecc854e19e5f59bc129c0a42bf8c10aa5af161077bb7
SHA512

78cdbafd83805efaf9c23e9f8ff0113fe379cdcd975a09162fa64c010028e6d3b404cd0e25ec3fb769ec3dfef23e2aed510ce0baf0c9391d6fa968dcb3c62848

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

185.209.30.180:4001

Targets

- Target
  
  134aec21b9a203def04fecc854e19e5f59bc129c0a42bf8c10aa5af161077bb7
- Size
  
  319KB
- MD5
  
  03a38f91d32612992a31ea130aa780db
- SHA1
  
  74f0b8e1e5e3d91069ed061856cbc7306b5c852c
- SHA256
  
  134aec21b9a203def04fecc854e19e5f59bc129c0a42bf8c10aa5af161077bb7
- SHA512
  
  78cdbafd83805efaf9c23e9f8ff0113fe379cdcd975a09162fa64c010028e6d3b404cd0e25ec3fb769ec3dfef23e2aed510ce0baf0c9391d6fa968dcb3c62848
Score

10^/10

systembc trojan
- Suspicious use of NtCreateProcessExOtherParentProcess
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2