e71a3a3daea6774b51d0e10142ce3ef4168175ef3415fd095a1e5c0486f02763

Target

Size

95KB

Sample

220511-cw75jsgcdk

Score

10 ^/10

MD5

0fa62d99e9fa9e4da58a1e2a7dc3d5a9

SHA1

cf0f9fa093bc1a1ff51c368194e03c8bf66d6a73

SHA256

e71a3a3daea6774b51d0e10142ce3ef4168175ef3415fd095a1e5c0486f02763

SHA512

58fb9d1689a69bd63bea760cefadc18d3821e545b1540f166e63f65e480b62a3e36e6a327539dd0ae729c073d38d497e2ac091b6fec6a044fe8be0bb9e66b729

Extracted

Family	systembc
C2	dasdasd28asd.com:4035 sasdcs28sd.xyz:4035 dasdasd28asd.com:4035 sasdcs28sd.xyz:4035

Target

e71a3a3daea6774b51d0e10142ce3ef4168175ef3415fd095a1e5c0486f02763

MD5

0fa62d99e9fa9e4da58a1e2a7dc3d5a9

Filesize

95KB

Score

10^/10

SHA1

cf0f9fa093bc1a1ff51c368194e03c8bf66d6a73

SHA256

e71a3a3daea6774b51d0e10142ce3ef4168175ef3415fd095a1e5c0486f02763

SHA512

58fb9d1689a69bd63bea760cefadc18d3821e545b1540f166e63f65e480b62a3e36e6a327539dd0ae729c073d38d497e2ac091b6fec6a044fe8be0bb9e66b729

Signatures

SystemBC
Description

SystemBC is a proxy and remote administration tool first seen in 2019.
Tags

trojan systembc
Executes dropped EXE
Looks up external IP address via web service
Description

Uses a legitimate IP lookup service to find the infected system's external IP.
Uses Tor communications
Description

Malware can proxy its traffic through Tor for more anonymity.
TTPs

Connection Proxy

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Connection Proxy

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

behavioral1

systembc trojan

10^/10

behavioral2

systembc trojan

10^/10

Extracted

Tags

Signatures

SystemBC

Description

Tags

Executes dropped EXE

Looks up external IP address via web service

Description

Uses Tor communications

Description

TTPs

Related Tasks

static1

behavioral1

behavioral2