systembc | 1cbfeebc0561f8989bd66b25807a8d20cbe1ef91b021b16296c38ca02603448a | Triage

Sharing

General

Target

1cbfeebc0561f8989bd66b25807a8d20cbe1ef91b021b16296c38ca02603448a
Size

254KB
Sample

220419-qtacdsaeej
MD5

db935d9703763461691ff0250366cfcc
SHA1

711569fe53a73d8083bc895f731e80a9a08d3814
SHA256

1cbfeebc0561f8989bd66b25807a8d20cbe1ef91b021b16296c38ca02603448a
SHA512

d50c59b46ea4488560a9c343ad2108a3db47e0d33f636758362a2ed3d014f5feab6b0143196fb4ab116fec120433346cf2b43f19341a831cd7e0585c28c31555

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

26asdcgd.com:4039

26asdcgd.xyz:4039

Targets

- Target
  
  1cbfeebc0561f8989bd66b25807a8d20cbe1ef91b021b16296c38ca02603448a
- Size
  
  254KB
- MD5
  
  db935d9703763461691ff0250366cfcc
- SHA1
  
  711569fe53a73d8083bc895f731e80a9a08d3814
- SHA256
  
  1cbfeebc0561f8989bd66b25807a8d20cbe1ef91b021b16296c38ca02603448a
- SHA512
  
  d50c59b46ea4488560a9c343ad2108a3db47e0d33f636758362a2ed3d014f5feab6b0143196fb4ab116fec120433346cf2b43f19341a831cd7e0585c28c31555
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Connection Proxy

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Connection Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2