systembc | a98b0087e10d01411982e9539ff9e6185242c8c7af6229895bb844f8aaf9f73e | Triage

Sharing

General

Target

a98b0087e10d01411982e9539ff9e6185242c8c7af6229895bb844f8aaf9f73e
Size

6.3MB
Sample

221210-kaymzsfb54
MD5

a619132e7c61432841de11c8116c4644
SHA1

49d002da4c23840cd4d55918946980645b384fdc
SHA256

a98b0087e10d01411982e9539ff9e6185242c8c7af6229895bb844f8aaf9f73e
SHA512

3091ada2431b96f73f5a301d22a58439dff3c166946568015a0612b25258ffe0e44251e82ffb01be945e7682bc663e5697497883fc1b9ba98b1910f908cc0720
SSDEEP

196608:9Ig2+sNg8zhZQHukk9VFO3OuUXvVgW/hRiTzfyrvF:9Xreg8lZQHT3w/2ChRofyrv

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

89.22.236.225:4193

176.124.205.5:4193

Targets

- Target
  
  a98b0087e10d01411982e9539ff9e6185242c8c7af6229895bb844f8aaf9f73e
- Size
  
  6.3MB
- MD5
  
  a619132e7c61432841de11c8116c4644
- SHA1
  
  49d002da4c23840cd4d55918946980645b384fdc
- SHA256
  
  a98b0087e10d01411982e9539ff9e6185242c8c7af6229895bb844f8aaf9f73e
- SHA512
  
  3091ada2431b96f73f5a301d22a58439dff3c166946568015a0612b25258ffe0e44251e82ffb01be945e7682bc663e5697497883fc1b9ba98b1910f908cc0720
- SSDEEP
  
  196608:9Ig2+sNg8zhZQHukk9VFO3OuUXvVgW/hRiTzfyrvF:9Xreg8lZQHT3w/2ChRofyrv
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Blocklisted process makes network request
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1