General
-
Target
90334ecb93afa6abb9d5739738b4b03437b0ee1829253bb3c4b966a1bf9f3882
-
Size
87KB
-
Sample
220427-whwddabgbk
-
MD5
c130eba9ff855403a69ec4adc6ae5db0
-
SHA1
71c0f3213e23fc9f1c0c5d14c0095c6b59aa7446
-
SHA256
90334ecb93afa6abb9d5739738b4b03437b0ee1829253bb3c4b966a1bf9f3882
-
SHA512
35308bf15552b0168488eb0dfcf7fac077f79626d9e684a5bd57004d87d7e06ae5aa0c348d9866ccb6aa2e190d3727b8cde5b744f6c5ac5be4ab1aad452e6586
Static task
static1
Behavioral task
behavioral1
Sample
90334ecb93afa6abb9d5739738b4b03437b0ee1829253bb3c4b966a1bf9f3882.exe
Resource
win7-20220414-en
Malware Config
Extracted
systembc
asdasd08.com:4039
asdasd08.xyz:4039
Targets
-
-
Target
90334ecb93afa6abb9d5739738b4b03437b0ee1829253bb3c4b966a1bf9f3882
-
suricata: ET MALWARE Observed SystemBC CnC Domain in DNS Query
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Uses Tor communications
Malware can proxy its traffic through Tor for more anonymity.
-