General
-
Target
cc870a688fde0923cb7932a561f2fbf6c7ad0b7c616891a349c0014e583ee21b
-
Size
1.7MB
-
Sample
221006-22cy2abcek
-
MD5
1819ed0ec175939c8a7effbada4a65c3
-
SHA1
429998ae7d3fe0c9b538f82a8c54decdead4e5c1
-
SHA256
cc870a688fde0923cb7932a561f2fbf6c7ad0b7c616891a349c0014e583ee21b
-
SHA512
163677cdae34b7feeca83642c0b56f89e336b611d512959556382868ef69350a534a587c6dc29bb90cf20783eb432aafaeac7a0e741accbe0c0d75ecf750e7b0
-
SSDEEP
24576:w2eJ419CoCAjP9+MRUOj7AilkD3alSlpawSntZORol9POBLwbKcqc5RV7Xcog3Vn:SYdPgecilkD7ywSnWRovIiJPMVNPCu
Malware Config
Extracted
systembc
89.22.225.242:4193
195.2.93.22:4193
Targets
-
-
Target
cc870a688fde0923cb7932a561f2fbf6c7ad0b7c616891a349c0014e583ee21b
-
Size
1.7MB
-
MD5
1819ed0ec175939c8a7effbada4a65c3
-
SHA1
429998ae7d3fe0c9b538f82a8c54decdead4e5c1
-
SHA256
cc870a688fde0923cb7932a561f2fbf6c7ad0b7c616891a349c0014e583ee21b
-
SHA512
163677cdae34b7feeca83642c0b56f89e336b611d512959556382868ef69350a534a587c6dc29bb90cf20783eb432aafaeac7a0e741accbe0c0d75ecf750e7b0
-
SSDEEP
24576:w2eJ419CoCAjP9+MRUOj7AilkD3alSlpawSntZORol9POBLwbKcqc5RV7Xcog3Vn:SYdPgecilkD7ywSnWRovIiJPMVNPCu
Score10/10-
SystemBC
SystemBC is a proxy and remote administration tool first seen in 2019.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-