systembc | ae8bce2c950ea683276425246918a82935cb7214d08190d5996e31876208ab77 | Triage

Sharing

General

Target

3b3d7619eb68e228800d9c3f5ac23ee3.dll.exe
Size

12.4MB
Sample

230316-kep7eahh86
MD5

3b3d7619eb68e228800d9c3f5ac23ee3
SHA1

3007b4cd5ab4d940e2cf9e116134f22deda586ea
SHA256

ae8bce2c950ea683276425246918a82935cb7214d08190d5996e31876208ab77
SHA512

a37c4e9ff41b51803f34f7257a830d54bb50bd73f019e6bde80e86f6ed23660d2d1e3cf0fa695372648bef05175b7c9e41f1a92f9c7e88331ff16d54ed6d6fee
SSDEEP

393216:jDGjz5THB+jnTTxLH143tmCHbJ/CCGKan9I:jgdTHB6nTTpstHwCI9I

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

79.137.203.32:4289

localhost.exchange:4289

Targets

- Target
  
  3b3d7619eb68e228800d9c3f5ac23ee3.dll.exe
- Size
  
  12.4MB
- MD5
  
  3b3d7619eb68e228800d9c3f5ac23ee3
- SHA1
  
  3007b4cd5ab4d940e2cf9e116134f22deda586ea
- SHA256
  
  ae8bce2c950ea683276425246918a82935cb7214d08190d5996e31876208ab77
- SHA512
  
  a37c4e9ff41b51803f34f7257a830d54bb50bd73f019e6bde80e86f6ed23660d2d1e3cf0fa695372648bef05175b7c9e41f1a92f9c7e88331ff16d54ed6d6fee
- SSDEEP
  
  393216:jDGjz5THB+jnTTxLH143tmCHbJ/CCGKan9I:jgdTHB6nTTpstHwCI9I
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Blocklisted process makes network request
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2