systembc | c51cf33451f5667a1a5ff3790cfe930580f00cbccbc8c7d19876c1048deed18a | Triage

Sharing

General

Target

c51cf33451f5667a1a5ff3790cfe930580f00cbccbc8c7d19876c1048deed18a
Size

96KB
Sample

220417-wevbxacfdl
MD5

a04c8b219c9cc54437b337b0f9efbf9b
SHA1

2f8c91d4074917f25be71102344d8415aa2b1756
SHA256

c51cf33451f5667a1a5ff3790cfe930580f00cbccbc8c7d19876c1048deed18a
SHA512

0baf265384b689f2414b10e6628a5c84fae66728618954784944e176e202eff988a20f9e1fcb35b44f3df23c87dcbdddad9485d1d97975ff4f1515e8e547ac6b

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

23hfdne.com:4035

23hfdne.xyz:4035

Targets

- Target
  
  c51cf33451f5667a1a5ff3790cfe930580f00cbccbc8c7d19876c1048deed18a
- Size
  
  96KB
- MD5
  
  a04c8b219c9cc54437b337b0f9efbf9b
- SHA1
  
  2f8c91d4074917f25be71102344d8415aa2b1756
- SHA256
  
  c51cf33451f5667a1a5ff3790cfe930580f00cbccbc8c7d19876c1048deed18a
- SHA512
  
  0baf265384b689f2414b10e6628a5c84fae66728618954784944e176e202eff988a20f9e1fcb35b44f3df23c87dcbdddad9485d1d97975ff4f1515e8e547ac6b
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2