General

  • Target

    fce74c19f417a455402ddd5e2c186d3c6d87279ded542453a8fa616ed65b4889

  • Size

    272KB

  • Sample

    220327-ragg2adfgr

  • MD5

    49ff9639df0feced8aeda22671ae4c46

  • SHA1

    55215da6c5207466d26692fe76c6fdcf7eec1c5e

  • SHA256

    fce74c19f417a455402ddd5e2c186d3c6d87279ded542453a8fa616ed65b4889

  • SHA512

    bf93c9854017c031866fb2ffad727a9816e0473912d71ac3ba2162ae4253024848f350ee5f310d2869f2c2dab6622b5e92fc695de74dc133cf303f2c842a51ec

Malware Config

Extracted

Family

systembc

C2

31.44.185.6:4001

31.44.185.11:4001

Targets

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • suricata: ET MALWARE Single char EXE direct download likely trojan (multiple families)

    • suricata: ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile

    • suricata: ET MALWARE Win32/SystemBC CnC Checkin

    • Downloads MZ/PE file

    • Executes dropped EXE
