General

  • Target: e178b44b49ef86312b38d47d2bd7b01afd0643d779018c276d6dc0984dac3ea4
  • Size: 1.6MB
  • Sample: 221001-kaxexsffh7
  • MD5: 173ad4e3309313df1504b20de4e8947a
  • SHA1: 142802f581c039f147763b1545ea910abefff14f
  • SHA256: e178b44b49ef86312b38d47d2bd7b01afd0643d779018c276d6dc0984dac3ea4
  • SHA512: 57cff4fc43411e8da4eadd248b5b725ed1c800882de7ac6ff571372257220a2a6bd0caf52afbf3a747d451146319dc1f07e3778f32c2a4f5e8ca340e6ce49fb5
  • SSDEEP: 24576:waTQTHMPCzgpL5T/nW/O+rbKEDauAyUbVoaK1kaFijsvtc0iEFvSWhVhqyAh:fcVMpL5T/W/3yTuAHu/kPslcuhXqym

Score: 10/10

Malware Config

Extracted

  • Family: systembc
  • C2:
      89.22.225.242:4193
      195.2.93.22:4193

Targets

    • Target: e178b44b49ef86312b38d47d2bd7b01afd0643d779018c276d6dc0984dac3ea4
    • Size: 1.6MB
    • MD5: 173ad4e3309313df1504b20de4e8947a
    • SHA1: 142802f581c039f147763b1545ea910abefff14f
    • SHA256: e178b44b49ef86312b38d47d2bd7b01afd0643d779018c276d6dc0984dac3ea4
    • SHA512: 57cff4fc43411e8da4eadd248b5b725ed1c800882de7ac6ff571372257220a2a6bd0caf52afbf3a747d451146319dc1f07e3778f32c2a4f5e8ca340e6ce49fb5
    • SSDEEP: 24576:waTQTHMPCzgpL5T/nW/O+rbKEDauAyUbVoaK1kaFijsvtc0iEFvSWhVhqyAh:fcVMpL5T/W/3yTuAHu/kPslcuhXqym

    Score: 10/10

    Signatures
    • SystemBC
      SystemBC is a proxy and remote administration tool first seen in 2019.
    • Executes dropped EXE
    • Suspicious use of SetThreadContext
MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution: Scheduled Task, T1053 (1)
  • Persistence: Scheduled Task, T1053 (1)
  • Privilege Escalation: Scheduled Task, T1053 (1)
  • Discovery: System Information Discovery, T1082 (1)
  • Discovery: Remote System Discovery, T1018 (1)

Tasks