systembc | 2036-113-0x0000000010000000-0x0000000010B6B000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

2036-113-0...ry.dll

windows7-x64

1

2036-113-0...ry.dll

windows10-2004-x64

1

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2036-113-0x0000000010000000-0x0000000010B6B000-memory.dll

Resource

win7-20221111-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

2036-113-0x0000000010000000-0x0000000010B6B000-memory.dll

Resource

win10v2004-20220812-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

2036-113-0x0000000010000000-0x0000000010B6B000-memory.dmp
Size

11.4MB
MD5

5602bcd36cc1fbc167b322a00142e1ee
SHA1

da210f01b513d92a4046f951280aaa56b99917cf
SHA256

c174d3666b09b6f25bb2a4a4dd1051b50a1fc33baaf601c539af5948c1bd8909
SHA512

c70efab057fb99953783e5d16aadbdeb3d9580dbf3427b70cbdbd75e9cbc2430f1668a1c053cf5dcf87f4c24f01124c95812cdf986dc97d33d5c3137d3c53f34
SSDEEP

196608:KGGb6IDktU3uYOQAahryWXMM3ksPqmzcl+LG314Hujb7KgkYCbGNBmHTE:KG+6kp51kUMMUON+2HBb

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

89.22.236.225:4193

176.124.205.5:4193

Signatures

Systembc family
systembc

Files

2036-113-0x0000000010000000-0x0000000010B6B000-memory.dmp
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

*;>%1sXO
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

7rP!Ni:j
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

bkE<E2?8
Size: - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8*7`Joyq
Size: - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

0Ys'"rSd
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nUPwRZiK
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

$u!6XeN&
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

K)'tLNvc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy