Resubmissions

  • 11-04-2024 09:02  240411-kzhm3agc46  10
  • 11-04-2024 09:00  240411-kynspabd3y  10
  • 11-04-2024 09:00  240411-kym66abd3x  10
  • 11-04-2024 09:00  240411-kymkmagc29  10
  • 11-04-2024 09:00  240411-kyly4abd3w  10

General

  • Target: 90334ecb93afa6abb9d5739738b4b03437b0ee1829253bb3c4b966a1bf9f3882
  • Size: 87KB
  • Sample: 220427-whwddabgbk
  • MD5: c130eba9ff855403a69ec4adc6ae5db0
  • SHA1: 71c0f3213e23fc9f1c0c5d14c0095c6b59aa7446
  • SHA256: 90334ecb93afa6abb9d5739738b4b03437b0ee1829253bb3c4b966a1bf9f3882
  • SHA512: 35308bf15552b0168488eb0dfcf7fac077f79626d9e684a5bd57004d87d7e06ae5aa0c348d9866ccb6aa2e190d3727b8cde5b744f6c5ac5be4ab1aad452e6586

Malware Config

Extracted

  • Family: systembc
  • C2: asdasd08.com:4039
  • C2: asdasd08.xyz:4039

Targets

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • suricata: ET MALWARE Observed SystemBC CnC Domain in DNS Query

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Command and Control: Connection Proxy, T1090 (1)

Tasks