systembc | eeb70157878895f60fe11a8cb0f37907549cd44857592d7ee0a769a9eef9dced | Triage

Submit
Reports

Overview

overview

Static

static

8

eeb7015787...ed.exe

windows7_x64

eeb7015787...ed.exe

windows10-2004_x64

Sharing

General

Target

eeb70157878895f60fe11a8cb0f37907549cd44857592d7ee0a769a9eef9dced
Size

234KB
Sample

220320-a5d7qaddb9
MD5

226ee1dec8ea871161b64020b2ee8663
SHA1

0866413ef90e37186ff269d1270e57c2b50f6b2f
SHA256

eeb70157878895f60fe11a8cb0f37907549cd44857592d7ee0a769a9eef9dced
SHA512

c5d8eff81783afae5f6de0e8aeb0586ca7af086ee99c6fcff87867730cb36f6a4c067bc82a2c32e6a10fff1d24c93a57931270d2df4c33d317965499cb7f651d

Score

10^/10

systembc trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

eeb70157878895f60fe11a8cb0f37907549cd44857592d7ee0a769a9eef9dced.exe

Resource

win7-20220310-en

systembc trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

eeb70157878895f60fe11a8cb0f37907549cd44857592d7ee0a769a9eef9dced.exe

Resource

win10v2004-en-20220113

systembc trojan upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

systembc

C2

dec15coma.com:4039

dec15coma.xyz:4039

Targets

- Target
  
  eeb70157878895f60fe11a8cb0f37907549cd44857592d7ee0a769a9eef9dced
- Size
  
  234KB
- MD5
  
  226ee1dec8ea871161b64020b2ee8663
- SHA1
  
  0866413ef90e37186ff269d1270e57c2b50f6b2f
- SHA256
  
  eeb70157878895f60fe11a8cb0f37907549cd44857592d7ee0a769a9eef9dced
- SHA512
  
  c5d8eff81783afae5f6de0e8aeb0586ca7af086ee99c6fcff87867730cb36f6a4c067bc82a2c32e6a10fff1d24c93a57931270d2df4c33d317965499cb7f651d
Score

10^/10

systembc trojan upx
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

systembctrojanupx

behavioral2

systembctrojanupx

© 2018-2024

Terms | Privacy