General

  • Target

    88f4f48515fa6a2e7499d28c5d1a6c3558785c1b136ce60c5815a5f9095cb1a9

  • Size

    357KB

  • Sample

    220417-jvsrsseeh3

  • MD5

    32294f57e6775a1395ece90371a9deb3

  • SHA1

    f10794c6e6df36de1d5709492f25b9a5a5a246ae

  • SHA256

    88f4f48515fa6a2e7499d28c5d1a6c3558785c1b136ce60c5815a5f9095cb1a9

  • SHA512

    6cf3b10b5b5dc96a57a0ceb7376c31821e821b05900edf95ead5dc70ed2b2d8bab39d950ae6653fce8a1345d9dc0ef15256ccf2116fe3cb16c40713c8cc25677

Score
10/10

Malware Config

Extracted

Family

systembc

C2

26asdcgd.com:4039

26asdcgd.xyz:4039

Targets

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.
