systembc | 7dd44d3b3df4f14474d20ffa23e2fb20dcf22ed3a1458b345a1bd85563ac4a62 | Triage

Sharing

General

Target

5986aff76e7813045b1b130efbb10d30.exe
Size

1.9MB
Sample

220927-gcv34acfc8
MD5

5986aff76e7813045b1b130efbb10d30
SHA1

62b1f733fe7ed0c0230c20dae3c4a65ecb28e180
SHA256

7dd44d3b3df4f14474d20ffa23e2fb20dcf22ed3a1458b345a1bd85563ac4a62
SHA512

bfa2cad2bbbb61af7dbd22818db048ddaf68e2e22d1c55d80450a7a0c4c31c09bf596f04ebc2a7f55ac70c294ae01d3e8987af4d0bbb60c63662d21c008b3115
SSDEEP

24576:ytmVBxgdQncWHOY7XgOxv5zM44Q84u7cpS/G6bLZLI6FMPNK/bAkA/lDA:Jjou3H/Dxxr40uIB6bO6mYPAS

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

89.22.225.242:4193

195.2.93.22:4193

Targets

- Target
  
  5986aff76e7813045b1b130efbb10d30.exe
- Size
  
  1.9MB
- MD5
  
  5986aff76e7813045b1b130efbb10d30
- SHA1
  
  62b1f733fe7ed0c0230c20dae3c4a65ecb28e180
- SHA256
  
  7dd44d3b3df4f14474d20ffa23e2fb20dcf22ed3a1458b345a1bd85563ac4a62
- SHA512
  
  bfa2cad2bbbb61af7dbd22818db048ddaf68e2e22d1c55d80450a7a0c4c31c09bf596f04ebc2a7f55ac70c294ae01d3e8987af4d0bbb60c63662d21c008b3115
- SSDEEP
  
  24576:ytmVBxgdQncWHOY7XgOxv5zM44Q84u7cpS/G6bLZLI6FMPNK/bAkA/lDA:Jjou3H/Dxxr40uIB6bO6mYPAS
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Remote System Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2