Overview

overview

10

Static

static

1

0ca834aecd...5a.dll

windows7-x64

10

0ca834aecd...5a.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    22-02-2023 09:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0ca834aecd8a27eadca15f7054f33d5a.dll

  • Size

    6.0MB

  • MD5

    0ca834aecd8a27eadca15f7054f33d5a

  • SHA1

    0fab64541262927cbf58d8a1755717a4ad81bf25

  • SHA256

    da6f4ed0f611021ae9565d8514875b627c031a44d5ca7d25bdc290c8a10aee4e

  • SHA512

    2ff6162aa7339ee0faedbb4644caec4125477568b1825b2f01e923a1f7670462abc3d2dedc6750a28de09f1eefb63f86eb9ba0932361e302c4b4b1d79ce003e3

  • SSDEEP

    98304:7uoS3DPg0N45/W/0Yg8UBEgorYH0gg22fFOAJqYn5hD457KN4z0u:7T+gE4JrY2ByYHoFO+nDju0u

Score
10/10
systembctrojan

Malware Config

Extracted

Family

systembc

C2

65.109.48.216:4270

35.198.166.27:4270

Signatures

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc
  • Blocklisted process makes network request 14 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\0ca834aecd8a27eadca15f7054f33d5a.dll,#1
    1⤵
    • Blocklisted process makes network request
    • Suspicious behavior: EnumeratesProcesses
    PID:1204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1204-55-0x0000000077A30000-0x0000000077A32000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1204-54-0x0000000077A30000-0x0000000077A32000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1204-56-0x0000000077A30000-0x0000000077A32000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1204-57-0x000007FEF5790000-0x000007FEF610B000-memory.dmp
    Filesize

    9.5MB

    Download