General

  • Target

    socksupd.exe

  • Size

    197KB

  • Sample

    220925-arh9hsdhbr

  • MD5

    57eb1430903457db36a36023304f8a38

  • SHA1

    831f481eebdf994a1cfacca5a9f53e1f6f93e0fd

  • SHA256

    1962f91125c15839d9e18b7273f1831cae8a191c574577210dda1a424e9e7628

  • SHA512

    a33af94ab2083e6beb5631ce4ff8c5340b4bf10e7a15727aef6817ec4dfd7c6771f90abc8bca397319d571cc8c165c7182528bab2e962f168530b7a496da683e

  • SSDEEP

    3072:L6oyUN8LiJ4Ut3Fec85snm3HlR0zMgilHB9tEOzOGI8pJ/CB9XB/PkF4x:LXoLilt3FeKm1RgMrlHB92O+8pu

Score
10/10

Malware Config

Extracted

Family

systembc

C2

109.107.187.226:4001

Targets

    • Target

      socksupd.exe

    Score
    10/10
    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Executes dropped EXE
