General

  • Target

    1d9c2cf81e2cf08504b51a9070c7aea2fa3d80734fb9423aa70e11284fa41911

  • Size

    325KB

  • Sample

    230206-mqqnesde47

  • MD5

    c99936db84763a467ddf35438d84842b

  • SHA1

    a2a58fdd3ea7d5403fe435fcc98d42d62b65ea24

  • SHA256

    1d9c2cf81e2cf08504b51a9070c7aea2fa3d80734fb9423aa70e11284fa41911

  • SHA512

    2f5284138e008689bd5acab30ab01bfe8aa14c023c7e4ab1c196dc68cbf4d3d5448585f563396bab606e10550bb2f4726ffc562c0970ff3cfa1d11e1879d52e2

  • SSDEEP

    6144:AXLM/Q0cxbexoCovjHtNlVLCuk6oMRvk:AXY/QahIjHtNlNCr6vk

Score
10/10

Malware Config

Extracted

Family

systembc

C2

144.76.223.74:443

Targets

    • Target

      1d9c2cf81e2cf08504b51a9070c7aea2fa3d80734fb9423aa70e11284fa41911

    • Size

      325KB

    • MD5

      c99936db84763a467ddf35438d84842b

    • SHA1

      a2a58fdd3ea7d5403fe435fcc98d42d62b65ea24

    • SHA256

      1d9c2cf81e2cf08504b51a9070c7aea2fa3d80734fb9423aa70e11284fa41911

    • SHA512

      2f5284138e008689bd5acab30ab01bfe8aa14c023c7e4ab1c196dc68cbf4d3d5448585f563396bab606e10550bb2f4726ffc562c0970ff3cfa1d11e1879d52e2

    • SSDEEP

      6144:AXLM/Q0cxbexoCovjHtNlVLCuk6oMRvk:AXY/QahIjHtNlNCr6vk

    Score
    10/10
    • SystemBC

      SystemBC is a SOCKS5 proxy and remote administration tool first seen in 2019; the proxy lets the operator route traffic through the infected host, and the C2 above is the address this sample was configured to reach.

    • Downloads MZ/PE file

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL
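The indicators this report exposes (the file hashes in the Targets block, the SystemBC C2 address in Malware Config, and the "Downloads MZ/PE file" behaviour) are what a responder would sweep for. The following is an added example, not part of the sandbox report or of any SystemBC tooling: it copies the report's hashes and C2 into constants, matches them against constructed egress-flow and EDR file-event lines, and implements the MZ/PE structural check a "downloads PE" signature relies on. The log formats, the `fake_pe` buffer and every hostname and path are constructed for the example.

```python
"""Sweep local telemetry for the indicators in the SystemBC report above.

Added example for this page; not part of the sandbox report. All log lines
and byte buffers below are constructed.
"""
import re

# Indicators copied from the report above.
REPORT_HASHES = {
    "md5": "c99936db84763a467ddf35438d84842b",
    "sha1": "a2a58fdd3ea7d5403fe435fcc98d42d62b65ea24",
    "sha256": "1d9c2cf81e2cf08504b51a9070c7aea2fa3d80734fb9423aa70e11284fa41911",
}
C2_HOST = "144.76.223.74"
C2_PORT = 443

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_kv(line: str) -> dict:
    """Parse 'key=value' pairs from one log line (leading token is a timestamp)."""
    return dict(KV_RE.findall(line))


def match_c2(lines):
    """Return flows whose destination host is the C2, noting whether the port matched.

    Matching on host alone is deliberate: the port in a sandbox report is only
    the port this one sample used, and the same host may be reused on others.
    """
    hits = []
    for line in lines:
        host, _, port = parse_kv(line).get("dst", "").rpartition(":")
        if host == C2_HOST:
            hits.append({"line": line, "port_match": port == str(C2_PORT)})
    return hits


def match_hashes(lines):
    """Return file events whose md5/sha1/sha256 field equals a report hash (case-insensitive)."""
    hits = []
    for line in lines:
        fields = parse_kv(line)
        for algo, value in REPORT_HASHES.items():
            if fields.get(algo, "").lower() == value:
                hits.append({"line": line, "algo": algo, "path": fields.get("path")})
    return hits


def is_mz_pe(data: bytes) -> bool:
    """True if data has an MZ stub whose e_lfanew (offset 0x3C) points at the PE signature.

    The MZ magic alone is not enough for a 'downloads MZ/PE file' verdict; the
    PE\\0\\0 signature must actually be reachable through the header.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = int.from_bytes(data[0x3C:0x40], "little")
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def fake_pe() -> bytes:
    """Constructed minimal buffer: MZ stub with e_lfanew = 0x40 and a PE signature there."""
    stub = bytearray(0x40)
    stub[0:2] = b"MZ"
    stub[0x3C:0x40] = (0x40).to_bytes(4, "little")
    return bytes(stub) + b"PE\0\0" + b"\0" * 20


# Constructed telemetry (not from the report): egress flows and EDR file events.
FLOW_LOG = [
    "2023-02-06T12:00:01Z src=10.0.0.15:49812 dst=144.76.223.74:443 proto=tcp bytes=1320",
    "2023-02-06T12:00:03Z src=10.0.0.15:49813 dst=93.184.216.34:443 proto=tcp bytes=980",
    "2023-02-06T12:00:09Z src=10.0.0.22:50100 dst=144.76.223.74:4001 proto=tcp bytes=64",
]
EDR_LOG = [
    "2023-02-06T12:00:00Z host=WS01 event=FileCreate path=C:\\Users\\Public\\upd.exe sha256=1d9c2cf81e2cf08504b51a9070c7aea2fa3d80734fb9423aa70e11284fa41911",
    "2023-02-06T12:00:02Z host=WS01 event=FileCreate path=C:\\Windows\\Temp\\tmp1.dll md5=C99936DB84763A467DDF35438D84842B",
    "2023-02-06T12:00:04Z host=WS02 event=FileCreate path=C:\\Users\\bob\\notes.txt sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
]

if __name__ == "__main__":
    for hit in match_c2(FLOW_LOG):
        print("C2 host hit (port match=%s): %s" % (hit["port_match"], hit["line"]))
    for hit in match_hashes(EDR_LOG):
        print("hash hit via %s: %s" % (hit["algo"], hit["path"]))
    print("constructed buffer is MZ/PE:", is_mz_pe(fake_pe()))
    print("plain text is MZ/PE:", is_mz_pe(b"MZ this is not a PE"))
```

The second flow hit (host match, port 4001) is the reason to key on the host rather than `ip:port`: the same infrastructure can be reused on a different port by another build, and a port-exact match would miss it. Hash matching is exact, so it only catches this build; the ssdeep value in the report is the indicator to use for near-duplicates.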

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry: T1012 (1)

  • Peripheral Device Discovery: T1120 (1)

  • System Information Discovery: T1082 (1)

Tasks