Overview

overview

10

Static

static

dridex

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e960e512b8735a1e90204bf95090e4c8212ffeca04ea5129c9377e4a3c7e16f5

  • Size

    229KB

  • Sample

    220327-g7flwsaebn

  • MD5

    2da57db157586f8d96d3bf2cffa4b630

  • SHA1

    b1225c324df88955b9da69b85e3788b645e8684f

  • SHA256

    e960e512b8735a1e90204bf95090e4c8212ffeca04ea5129c9377e4a3c7e16f5

  • SHA512

    f680298390f2ad172faf870c8bb4ab778a55d698bc27460c9f98a0cf76ed4897b2d600c89b4d3ca5be583e8dfaabd6ab9902befac4c89a1c909129a539c15c77

Score
10/10
systembcsuricatatrojan

Malware Config

Extracted

Family

systembc

C2

31.44.185.6:4001

31.44.185.11:4001

Targets

    • Target

      e960e512b8735a1e90204bf95090e4c8212ffeca04ea5129c9377e4a3c7e16f5

    • Size

      229KB

    • MD5

      2da57db157586f8d96d3bf2cffa4b630

    • SHA1

      b1225c324df88955b9da69b85e3788b645e8684f

    • SHA256

      e960e512b8735a1e90204bf95090e4c8212ffeca04ea5129c9377e4a3c7e16f5

    • SHA512

      f680298390f2ad172faf870c8bb4ab778a55d698bc27460c9f98a0cf76ed4897b2d600c89b4d3ca5be583e8dfaabd6ab9902befac4c89a1c909129a539c15c77

    Score
    10/10
    systembcsuricatatrojan

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

      trojansystembc

    • suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)

      suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)

      suricata

    • suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile

      suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile

      suricata

    • suricata: ET MALWARE Win32/SystemBC CnC Checkin

      suricata: ET MALWARE Win32/SystemBC CnC Checkin

      suricata

    • Downloads MZ/PE file

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Matrix

Tasks