General

Target: 7b7328a020bf16f8a3915f1a0b4e7ecb.exe
Filesize: 13KB
Completed: 05-05-2022 14:44
Task: behavioral2
Score: 10/10
MD5: 7b7328a020bf16f8a3915f1a0b4e7ecb
SHA1: dd3636d4d11c4a1b9618622cbf758c18dd89cffa
SHA256: e2cc138b0051fc6d2dce76941e2190d964c51754dac13705f63dad2941ccbba7
SHA512: cae2e70cc0e380f3d3cf50689ec36db97559bd9726c97c9b7016b05297f060c456e0e24a9e518eda258f9bdf999a760077946ff7755040ad5cb007768630f053

Signatures 2

  • suricata: ET MALWARE Win32/SystemBC CnC Checkin

  • Drops file in Windows directory
    7b7328a020bf16f8a3915f1a0b4e7ecb.exe

    Reported IOCs

    description                     ioc                           process
    File created                    C:\Windows\Tasks\wow64.job    7b7328a020bf16f8a3915f1a0b4e7ecb.exe
    File opened for modification    C:\Windows\Tasks\wow64.job    7b7328a020bf16f8a3915f1a0b4e7ecb.exe
Processes 2
  • C:\Users\Admin\AppData\Local\Temp\7b7328a020bf16f8a3915f1a0b4e7ecb.exe
    "C:\Users\Admin\AppData\Local\Temp\7b7328a020bf16f8a3915f1a0b4e7ecb.exe"
    Drops file in Windows directory
    PID:2824
  • C:\Users\Admin\AppData\Local\Temp\7b7328a020bf16f8a3915f1a0b4e7ecb.exe
    C:\Users\Admin\AppData\Local\Temp\7b7328a020bf16f8a3915f1a0b4e7ecb.exe start
    PID:440