systembc | 10fd1c7aabf703640bf16c35aed6a1507efbf6da46ab534d12b911fe307e0b28 | Triage

Submit
Reports

Overview

overview

Static

static

8

10fd1c7aab...28.exe

windows7_x64

10fd1c7aab...28.exe

windows10-2004_x64

Sharing

General

Target

10fd1c7aabf703640bf16c35aed6a1507efbf6da46ab534d12b911fe307e0b28
Size

172KB
Sample

220320-dycl4agaa3
MD5

6047ef3dc3006268a9406af1a7be63e3
SHA1

57602f69a5e7d855643b61e80ff32c1947cc6d64
SHA256

10fd1c7aabf703640bf16c35aed6a1507efbf6da46ab534d12b911fe307e0b28
SHA512

1e2ca97ab3e0edbbc44c89e6f854fcfb78a9b8927f8b970ac2971aa58a4011ab1cf1a66bc8efbfa60d30dbdd45df538e21e89ef876b410c1d66950ce8a4a4613

Score

10^/10

systembc trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

10fd1c7aabf703640bf16c35aed6a1507efbf6da46ab534d12b911fe307e0b28.exe

Resource

win7-20220311-en

systembc trojan upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

10fd1c7aabf703640bf16c35aed6a1507efbf6da46ab534d12b911fe307e0b28.exe

Resource

win10v2004-20220310-en

systembc trojan upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

systembc

C2

dec15coma.com:4039

dec15coma.xyz:4039

Targets

- Target
  
  10fd1c7aabf703640bf16c35aed6a1507efbf6da46ab534d12b911fe307e0b28
- Size
  
  172KB
- MD5
  
  6047ef3dc3006268a9406af1a7be63e3
- SHA1
  
  57602f69a5e7d855643b61e80ff32c1947cc6d64
- SHA256
  
  10fd1c7aabf703640bf16c35aed6a1507efbf6da46ab534d12b911fe307e0b28
- SHA512
  
  1e2ca97ab3e0edbbc44c89e6f854fcfb78a9b8927f8b970ac2971aa58a4011ab1cf1a66bc8efbfa60d30dbdd45df538e21e89ef876b410c1d66950ce8a4a4613
Score

10^/10

systembc trojan upx
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

systembctrojanupx

behavioral2

systembctrojanupx

© 2018-2024

Terms | Privacy