systembc | 6cbce4db4d81c67bdf8a077e493fe2ac29c07774baa33def3389c139ddef5e42 | Triage

Sharing

General

Target

6cbce4db4d81c67bdf8a077e493fe2ac29c07774baa33def3389c139ddef5e42
Size

276KB
Sample

220325-a3d4yaheb4
MD5

822285256eafa07724fd29f8e85c759e
SHA1

5da5dc2c1be087ce6046f6903a6c773b28a3b6cf
SHA256

6cbce4db4d81c67bdf8a077e493fe2ac29c07774baa33def3389c139ddef5e42
SHA512

4d93d7250dc210fff4d54802253d98f5f868f4a273b0a83207a77617657c2ccc7748c9b6743096c7a9bffa9a24221f014d83986f2b6e7751754bf090b4a6a9a0

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

advertrex20.xyz:4044

gentexman37.xyz:4044

Targets

- Target
  
  6cbce4db4d81c67bdf8a077e493fe2ac29c07774baa33def3389c139ddef5e42
- Size
  
  276KB
- MD5
  
  822285256eafa07724fd29f8e85c759e
- SHA1
  
  5da5dc2c1be087ce6046f6903a6c773b28a3b6cf
- SHA256
  
  6cbce4db4d81c67bdf8a077e493fe2ac29c07774baa33def3389c139ddef5e42
- SHA512
  
  4d93d7250dc210fff4d54802253d98f5f868f4a273b0a83207a77617657c2ccc7748c9b6743096c7a9bffa9a24221f014d83986f2b6e7751754bf090b4a6a9a0
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2