systembc | 5106c3fc86c0d609c715e1cb9c1c61b21bf607ed6fa132601b834cf606537de0 | Triage

Sharing

General

Target

b8127c859906ad947b89b41119b9c310.exe
Size

204KB
Sample

221212-kd568sah57
MD5

b8127c859906ad947b89b41119b9c310
SHA1

a9a59ee98af4cdf2587c678f06325b15bbe4d3a7
SHA256

5106c3fc86c0d609c715e1cb9c1c61b21bf607ed6fa132601b834cf606537de0
SHA512

22957031c45c0aa140b932c9118a52980ad1c9e67aeca34784cb88eea8c7b9a3fddb11ff97752b3b34bdc3cbfdff46233bb267cc8ea5e27525f923b24fa5e9f9
SSDEEP

3072:ibZHetUxwPRFL6KrxEYN0PXiyCSiyCSiyCr7LTrLhx6AMg5iqjjjjjjjD3O7Fh:iN+tZCKrxBN0AhxNZw

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

26asdcgd.com:4039

26asdcgd.xyz:4039

Targets

- Target
  
  b8127c859906ad947b89b41119b9c310.exe
- Size
  
  204KB
- MD5
  
  b8127c859906ad947b89b41119b9c310
- SHA1
  
  a9a59ee98af4cdf2587c678f06325b15bbe4d3a7
- SHA256
  
  5106c3fc86c0d609c715e1cb9c1c61b21bf607ed6fa132601b834cf606537de0
- SHA512
  
  22957031c45c0aa140b932c9118a52980ad1c9e67aeca34784cb88eea8c7b9a3fddb11ff97752b3b34bdc3cbfdff46233bb267cc8ea5e27525f923b24fa5e9f9
- SSDEEP
  
  3072:ibZHetUxwPRFL6KrxEYN0PXiyCSiyCSiyCr7LTrLhx6AMg5iqjjjjjjjD3O7Fh:iN+tZCKrxBN0AhxNZw
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Connection Proxy

Impact

Tasks

static1

behavioral1

behavioral2