Malware Analysis Report

2025-04-03 09:43

Sample ID 230411-wrpbeseb87
Target 10021237008.zip
SHA256 3c30eee540fd9371e5010a322a99e8a169b4a997145dfda5ded0a76f444268f4
Tags
systembc
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

3c30eee540fd9371e5010a322a99e8a169b4a997145dfda5ded0a76f444268f4

Threat Level: Known bad

The file 10021237008.zip was found to be: Known bad.

Malicious Activity Summary

systembc

Systembc family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-04-11 18:09

Signatures

Systembc family

systembc

Analysis: behavioral1

Detonation Overview

Submitted

2023-04-11 18:09

Reported

2023-04-11 18:12

Platform

win7-20230220-en

Max time kernel

31s

Max time network

33s

Command Line

"C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe

"C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe"

Network

Country Destination Domain Proto
LT 93.115.28.138:443 tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-04-11 18:09

Reported

2023-04-11 18:12

Platform

win10v2004-20230220-en

Max time kernel

81s

Max time network

128s

Command Line

"C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe

"C:\Users\Admin\AppData\Local\Temp\13047f8cb7277ad8c1daa6f32cf4ae8029fb6ae9f839ed92d4cae12285ed366b.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 108.211.229.192.in-addr.arpa udp
LT 93.115.28.138:443 tcp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 assets.msn.com udp
GB 95.101.143.232:443 assets.msn.com tcp
US 8.8.8.8:53 232.143.101.95.in-addr.arpa udp
US 40.77.2.164:443 tcp
US 8.8.8.8:53 151.122.125.40.in-addr.arpa udp
US 8.8.8.8:53 1.77.109.52.in-addr.arpa udp
US 8.8.8.8:53 2.36.159.162.in-addr.arpa udp
NL 87.248.202.1:80 tcp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
NL 173.223.113.164:443 tcp
NL 173.223.113.131:80 tcp
US 204.79.197.203:80 api.msn.com tcp

Files

N/A