General

  • Target

    bac4b948f4a8cb9c61c6167c7aa814affe670e527190aacf4f31eace55236d25

  • Size

    243KB

  • Sample

    220319-xbyqlafheq

  • MD5

    15f32b4f39a69e327b285b6cd2dd2cb9

  • SHA1

    49ca0b152b2001febfe89d4ff2bea2f989a9a819

  • SHA256

    bac4b948f4a8cb9c61c6167c7aa814affe670e527190aacf4f31eace55236d25

  • SHA512

    301893a9827946bd478255cc9cbc054c21a422e76bad3f0ded321d264ff14947e1736dd66cedc236a9d82afcd0c2f0c40f5a91d57266ee49acdc6acd14767f84

Score
10/10

Malware Config

Extracted

Family

systembc

C2

dec15coma.com:4039

dec15coma.xyz:4039

Targets

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v6

Tasks