systembc | 9871110383[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

13047f8cb7...6b.exe

windows7-x64

1

13047f8cb7...6b.exe

windows10-2004-x64

1

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

9871110383.zip
Size

4KB
MD5

af280999cbe738a706e0d37fcbd8244c
SHA1

e91e6b792f517afdc557650606e43b732a06f8c3
SHA256

3c30eee540fd9371e5010a322a99e8a169b4a997145dfda5ded0a76f444268f4
SHA512

e34a9b307d11822cafe9e61c913b111115e26d3ecb8a261a125904f360ccbdcc0eacd9ce4f5da9236f6f4c980a6eb42a822b1913473ad36ec175d29181d8b2be
SSDEEP

96:JVGBwJwe6WI9gzBxMYsfTYi5XdUsATCPaAegFjUHuVh3x:iwp6W4AuY4Tx5NUsDi8JUH+3x

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

93.115.28.138:443

192.168.1.28:443

Signatures

Systembc family
systembc

Files

9871110383.zip
.zip

Password: infected
13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b
.exe windows x86

244e050a81e77998691e7f8e5062a40a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
TranslateMessage
ShowWindow
RegisterClassA
PostQuitMessage
LoadIconA
LoadCursorA
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA

kernel32

GetCommandLineA
WaitForSingleObject
VirtualFree
VirtualAlloc
Sleep
CloseHandle
CreateEventA
CreateMutexA
CreateThread
ExitProcess
OpenMutexA
GetModuleHandleA
GetVolumeInformationA
SetEvent

advapi32

RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey

wsock32

WSAStartup
closesocket
connect
htons
ioctlsocket
recv
select
send
setsockopt
shutdown
socket

ws2_32

freeaddrinfo
WSAIoctl
getaddrinfo

secur32

GetUserNameExA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy