Analysis
- max time kernel: 148s
- max time network: 151s
- platform: windows10-2004_x64
- resource: win10v2004-20230220-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20230220-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 01-03-2023 10:14
Static task: static1
Behavioral task: behavioral1
- Sample: 2021-02-01-SystemBC-malware-EXE.exe
- Resource: win7-20230220-en, windows7-x64
- 3 signatures
- 150 seconds
General
- Target: 2021-02-01-SystemBC-malware-EXE.exe
- Size: 237KB
- MD5: 4506d15d2b790734ca655cfc5b79f778
- SHA1: 9e2392716e84b90c2c822b8a73b741af6ba02331
- SHA256: 61499704920ee633ffb2baab36eb8eb70d5e0426bca584f9a4a872e4b930c417
- SHA512: f18d30ec47234a8a95130cd8501d92383e4384324c47b05cd34724c2dfbf4317c550ecea8dd1930f1317c0626d3cd0a299b2e84312354a083574659781ce8746
- SSDEEP: 3072:nDjehmqPKDfx57RDQKIVfpWiHoZhrjz/+R8Aeit1nl0L4H8Y01kyj8pFrYq02mLx:nDjYVPKrrRUthZyhXzse2021JL02e
Malware Config
Extracted
- Family: systembc
- C2: 109.234.39.169:4001
Signatures
- Drops file in Windows directory (2 IoCs)
  Processes: 2021-02-01-SystemBC-malware-EXE.exe
  description | ioc | process
  File created | C:\Windows\Tasks\wow64.job | 2021-02-01-SystemBC-malware-EXE.exe
  File opened for modification | C:\Windows\Tasks\wow64.job | 2021-02-01-SystemBC-malware-EXE.exe
Processes
- C:\Users\Admin\AppData\Local\Temp\2021-02-01-SystemBC-malware-EXE.exe
  "C:\Users\Admin\AppData\Local\Temp\2021-02-01-SystemBC-malware-EXE.exe"
  - Drops file in Windows directory
- C:\Users\Admin\AppData\Local\Temp\2021-02-01-SystemBC-malware-EXE.exe
  C:\Users\Admin\AppData\Local\Temp\2021-02-01-SystemBC-malware-EXE.exe start
Downloads
- memory/2024-136-0x0000000004020000-0x0000000004025000-memory.dmp (Filesize: 20KB)
- memory/2024-137-0x0000000000400000-0x00000000022DC000-memory.dmp (Filesize: 30.9MB)
- memory/2024-146-0x0000000000400000-0x00000000022DC000-memory.dmp (Filesize: 30.9MB)
- memory/4616-154-0x0000000000400000-0x00000000022DC000-memory.dmp (Filesize: 30.9MB)