Overview

overview

10

Static

static

3d44aa7a97...a3.exe

windows7_x64

10

3d44aa7a97...a3.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3d44aa7a97608eb72bb53fc9c679e21381867f6e5a2a3.exe

  • Size

    344KB

  • Sample

    220216-v1eb5scac7

  • MD5

    0c8e60e686bed8b0debc760b085f89a7

  • SHA1

    60eae9962d92223a448f978004972f4be2f10588

  • SHA256

    3d44aa7a97608eb72bb53fc9c679e21381867f6e5a2a370689dc516c2418a58e

  • SHA512

    e0be1a48c2715c820306ca43443f010ab65589525e35755e42df8291dfad083cb2f6f8204f44c4248269221212eaf8f73fdf1c44f24be217d40e42a0b62648f3

Score
10/10
systembctrojan

Malware Config

Extracted

Family

systembc

C2

107.155.124.13:4001

Targets

    • Target

      3d44aa7a97608eb72bb53fc9c679e21381867f6e5a2a3.exe

    • Size

      344KB

    • MD5

      0c8e60e686bed8b0debc760b085f89a7

    • SHA1

      60eae9962d92223a448f978004972f4be2f10588

    • SHA256

      3d44aa7a97608eb72bb53fc9c679e21381867f6e5a2a370689dc516c2418a58e

    • SHA512

      e0be1a48c2715c820306ca43443f010ab65589525e35755e42df8291dfad083cb2f6f8204f44c4248269221212eaf8f73fdf1c44f24be217d40e42a0b62648f3

    Score
    10/10
    systembctrojan

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

      trojansystembc
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks