systembc | 934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790 | Triage

Sharing

General

Target

934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
Size

90KB
Sample

220415-hlwlnaddd6
MD5

6091938947f0a7196a622a0986000b7c
SHA1

c4fd87b56a47dc806689f585343b3ca3e4e552cd
SHA256

934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
SHA512

0edc79e4dbba2751021b8cf935aa86d4ee441d79cf15a51647889ec0fdb01d46e314136e625fe394a1594bf45f6e50599a9736fa01d3b8f22a9a073b082e0402

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

advertrex20.xyz:4044

gentexman37.xyz:4044

Targets

- Target
  
  934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
- Size
  
  90KB
- MD5
  
  6091938947f0a7196a622a0986000b7c
- SHA1
  
  c4fd87b56a47dc806689f585343b3ca3e4e552cd
- SHA256
  
  934e82163e404f59441c8c73ce0c46f7fa2a971f14dbefb33cd3132496dca790
- SHA512
  
  0edc79e4dbba2751021b8cf935aa86d4ee441d79cf15a51647889ec0fdb01d46e314136e625fe394a1594bf45f6e50599a9736fa01d3b8f22a9a073b082e0402
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2