systembc | 1924-159-0x0000000000400000-0x000000000083B000-memory[.]dmp | Triage

Resubmissions

04/05/2023, 11:13

230504-nbs1nsdg2v 10

Sharing

General

Target

1924-159-0x0000000000400000-0x000000000083B000-memory.dmp
Size

4.2MB
MD5

f169551319a15de3d2fbe93ea80c27d4
SHA1

6a5e65bd5fe9697c1319921101ce8d2779e7c786
SHA256

66dbd0e70d6e5dc24c6a65892720f4b9208bb5adb4d1710c11cf54e72eaf9caa
SHA512

47a0bbf370370feb0d1246f67a4110b6473731ad8be5d6cd7440794ed5d7e99a2d4613b861ef3cbb54c231cdf6543a160c4ccae43177b0231d541206d6dcc5af
SSDEEP

98304:ntnH6M+XAdBDyRgUGQDocszJp63phstRGcqmtHCAyLlV:sEq05ggtNqmtr0lV

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

185.161.248.16:4440

Signatures

Systembc family
systembc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1924-159-0x0000000000400000-0x000000000083B000-memory.dmp

Files

1924-159-0x0000000000400000-0x000000000083B000-memory.dmp
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��T�
Size: 2277.1MB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fxonxukr
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

stkrkkzf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE