Overview

overview

10

Static

static

8

8e6dd1a50d...f0.exe

windows7_x64

10

8e6dd1a50d...f0.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e6dd1a50d58aef4a86f76c340f6a36faee0ec4f97886978d43a870be5b508f0

  • Size

    233KB

  • Sample

    220319-3pt78accdr

  • MD5

    cc16e6e7af14fcf5f4a001b85930dc8f

  • SHA1

    580b5baff09663396fb27d52e43a58ef25ed43dd

  • SHA256

    8e6dd1a50d58aef4a86f76c340f6a36faee0ec4f97886978d43a870be5b508f0

  • SHA512

    c451ec2e3056086842b52e8105a04a67a50609d1e8a7c296e7171432ccc5572c62e69b1edb8d6e600ddb451240847ba4d8621452ea99e98036978cc3712274d9

Score
10/10
systembctrojanupx

Malware Config

Extracted

Family

systembc

C2

dec15coma.com:4039

dec15coma.xyz:4039

Targets

    • Target

      8e6dd1a50d58aef4a86f76c340f6a36faee0ec4f97886978d43a870be5b508f0

    • Size

      233KB

    • MD5

      cc16e6e7af14fcf5f4a001b85930dc8f

    • SHA1

      580b5baff09663396fb27d52e43a58ef25ed43dd

    • SHA256

      8e6dd1a50d58aef4a86f76c340f6a36faee0ec4f97886978d43a870be5b508f0

    • SHA512

      c451ec2e3056086842b52e8105a04a67a50609d1e8a7c296e7171432ccc5572c62e69b1edb8d6e600ddb451240847ba4d8621452ea99e98036978cc3712274d9

    Score
    10/10
    systembctrojanupx

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

      trojansystembc

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks