Resubmissions

  • 18-04-2024 05:25  240418-f4hreadf5z  10

  • 18-04-2024 05:25  240418-f4fl2scd33  10

  • 18-04-2024 05:25  240418-f4fbaadf5v  10

  • 18-04-2024 05:25  240418-f4edzscd32  10

  • 18-04-2024 05:25  240418-f4dsfscd29  10

General

  • Target

    fdc98ea3381d04350e38b592c2c63090d6f0bd32388a21fcfc5b7bfcb9753d20

  • Size

    121KB

  • Sample

    220508-3cgflaaeh3

  • MD5

    2140899e877c2bb95f71f77c31e205ce

  • SHA1

    b7322db66f0c4b5a48c10ca3213b899131045d11

  • SHA256

    fdc98ea3381d04350e38b592c2c63090d6f0bd32388a21fcfc5b7bfcb9753d20

  • SHA512

    6856af4f8cb1fceede24360c7e081e6beea701a44b80e6276db719e5cba3b6cf5f7fae8df4ce56852ea34e73dfa4e091a8ac258d1efb596e0d7224b33402fe07

Malware Config

Extracted

Family

systembc

C2

sdadvert197.com:4044

mexstat128.com:4044

Targets

    • Target

      fdc98ea3381d04350e38b592c2c63090d6f0bd32388a21fcfc5b7bfcb9753d20

    • Size

      121KB

    • MD5

      2140899e877c2bb95f71f77c31e205ce

    • SHA1

      b7322db66f0c4b5a48c10ca3213b899131045d11

    • SHA256

      fdc98ea3381d04350e38b592c2c63090d6f0bd32388a21fcfc5b7bfcb9753d20

    • SHA512

      6856af4f8cb1fceede24360c7e081e6beea701a44b80e6276db719e5cba3b6cf5f7fae8df4ce56852ea34e73dfa4e091a8ac258d1efb596e0d7224b33402fe07

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • suricata: ET MALWARE Observed SystemBC CnC Domain in DNS Query

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Matrix ATT&CK v6

  • Command and Control

    Connection Proxy (T1090): 1

Tasks