systembc | 1204-57-0x000007FEF5790000-0x000007FEF610B000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1204-57-0x...ry.dll

windows7-x64

3

1204-57-0x...ry.dll

windows10-2004-x64

3

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1204-57-0x000007FEF5790000-0x000007FEF610B000-memory.dll

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

1204-57-0x000007FEF5790000-0x000007FEF610B000-memory.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

1204-57-0x000007FEF5790000-0x000007FEF610B000-memory.dmp
Size

9.5MB
MD5

3007588b698821f51d99f9c5d9805744
SHA1

83faa9c6ad99f82464b9d23f394f59f02395ed40
SHA256

9cab37c37d4a7f31f96b441311773fca315e306cbc0eff8b0679d5efec5b75c0
SHA512

5c2ebc01162337074eb07c2a48e37fc52178890b63acc45f6ab1d68b60d4b30498101a13900f524110c8303be1f4c5cfce710b617fe0ad179590b4e45805b18e
SSDEEP

196608:zbDORRPCI3GT+gE4JrY2ByYHoFO+nDByE8:zbDOPPJ3X4e28nFjDEB

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

65.109.48.216:4270

35.198.166.27:4270

Signatures

Systembc family
systembc

Files

1204-57-0x000007FEF5790000-0x000007FEF610B000-memory.dmp
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

c0cp#&Te
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

\+:kXe(=
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

s$!IXF;g
Size: - Virtual size: 595B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VqPL*$HS
Size: - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

(eaziji&
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

:E$Ig''^
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lHuK9[f=
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

O3E2].uN
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy