systembc | 61910440b8efa275a9aeb143b4d0441b4f67900f8710e8464e4dc4795739268a | Triage

Sharing

General

Target

61910440b8efa275a9aeb143b4d0441b4f67900f8710e8464e4dc4795739268a
Size

70KB
Sample

220414-nrlarsaaa3
MD5

f195e871b1ab880b23404610b2b72020
SHA1

e1098fe407ab6c57d42cb30b31959eb1c9d3eacf
SHA256

61910440b8efa275a9aeb143b4d0441b4f67900f8710e8464e4dc4795739268a
SHA512

1ceb677353244633fe6d0ee7c253e15c8bab140f01cc82374024e58ae48fd46218f3049e636de1830f671b83f4d619f2253ee266a3820662d5c02a371af8737e

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

asdasd08.com:4039

asdasd08.xyz:4039

Targets

- Target
  
  61910440b8efa275a9aeb143b4d0441b4f67900f8710e8464e4dc4795739268a
- Size
  
  70KB
- MD5
  
  f195e871b1ab880b23404610b2b72020
- SHA1
  
  e1098fe407ab6c57d42cb30b31959eb1c9d3eacf
- SHA256
  
  61910440b8efa275a9aeb143b4d0441b4f67900f8710e8464e4dc4795739268a
- SHA512
  
  1ceb677353244633fe6d0ee7c253e15c8bab140f01cc82374024e58ae48fd46218f3049e636de1830f671b83f4d619f2253ee266a3820662d5c02a371af8737e
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2