systembc | 1088-57-0x0000000000400000-0x0000000000881000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1088-57-0x...ry.exe

windows7-x64

1088-57-0x...ry.exe

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1088-57-0x0000000000400000-0x0000000000881000-memory.exe

Resource

win7-20221111-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

1088-57-0x0000000000400000-0x0000000000881000-memory.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

1088-57-0x0000000000400000-0x0000000000881000-memory.dmp
Size

4.5MB
MD5

251c67c4d5877e34c9f9127280bcdf93
SHA1

e8602f7305295bd73b268e35ad81dc506e8c2bff
SHA256

0cedcb9b289f97c3deab79cfeb4d700801cfd65f9eb1693cb2083d1c3c56bd07
SHA512

e0a018c74f81238b7e18559662cf87a10d470644383422695c52792e8ba78ce7c711c84ee28699f9e5e9722d890011f123778f00a843358d0a1b0d18f21341d3
SSDEEP

98304:/vyNKl8ziGTiDEoKPVlk+A/ijgadpo0qBlmjmRjoEHjqwFJeH:9gBUEoKPVlJKiFo0qBcjmLL

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

slavelever.info:4248

slavelevereoewl.info:4248

Signatures

Systembc family
systembc

Files

1088-57-0x0000000000400000-0x0000000000881000-memory.dmp
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 5KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

"��岞
Size: 778.5MB - Virtual size: 696.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jnvjkypr
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xlhyrnyo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy