General

  • Target

    b0447405eb71302c0c7f5caf439a9ccada14c7539fad803c45841171dc785a9a

  • Size

    339KB

  • Sample

    220414-g274yshdgq

  • MD5

    0fe587befbb434b018985d6a1fea727c

  • SHA1

    421424778acaf5c01b591fae09f1ea2ea687830c

  • SHA256

    b0447405eb71302c0c7f5caf439a9ccada14c7539fad803c45841171dc785a9a

  • SHA512

    7da23fde6f98826860687fd8c3e4a03d24a8a1da40825ea15cd30fbb6e867311b98e6d965f57073fa430738cc27bdb81eb0072bf70c280deb1e3cded6975b764

Malware Config

Extracted

Family

systembc

C2

asdasd08.com:4039

asdasd08.xyz:4039

Targets

    • Target

      b0447405eb71302c0c7f5caf439a9ccada14c7539fad803c45841171dc785a9a

    • Size

      339KB

    • MD5

      0fe587befbb434b018985d6a1fea727c

    • SHA1

      421424778acaf5c01b591fae09f1ea2ea687830c

    • SHA256

      b0447405eb71302c0c7f5caf439a9ccada14c7539fad803c45841171dc785a9a

    • SHA512

      7da23fde6f98826860687fd8c3e4a03d24a8a1da40825ea15cd30fbb6e867311b98e6d965f57073fa430738cc27bdb81eb0072bf70c280deb1e3cded6975b764

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • suricata: ET MALWARE Observed SystemBC CnC Domain in DNS Query

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v6

Tasks