General

  • Target

    0d079a931e42f554016db36476e55ba7.dll

  • Size

    7.2MB

  • Sample

    221209-lvg2each35

  • MD5

    0d079a931e42f554016db36476e55ba7

  • SHA1

    d5f1ab52221019c746f1cc59a45ce18d0b817496

  • SHA256

    ead2c5aaf92fe07db45b99587f586c7a45f92c67220cd8113a5d2e7bcb320798

  • SHA512

    1496f1296df89e1da8780f175631e2551300a99e6c7ea43d2750653fdf6e7ed096fdedd9f0d23b94190ecf418da09cf9c9b6caee5821ba1c457f0294063bbc9e

  • SSDEEP

    196608:l3ksPqmzcl+LG314Hujb7KgkYCbGNBmHTER:lUON+2HBb8

Score
10/10

Malware Config

Extracted

Family

systembc

C2

89.22.236.225:4193

176.124.205.5:4193

Targets

    • Target

      0d079a931e42f554016db36476e55ba7.dll

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Blocklisted process makes network request

    • Suspicious use of NtSetInformationThreadHideFromDebugger
