systembc | 1752-171-0x0000000000400000-0x000000000083B000-memory[.]dmp | Triage

Sharing

General

Target

1752-171-0x0000000000400000-0x000000000083B000-memory.dmp
Size

4.2MB
MD5

6335349a23cc933d25f5b7914fa7ae0f
SHA1

9a1278768971d65ac8e097488edf33a82952e1b0
SHA256

e37dba294953e085095ddc4b8f58dfc3f8d8e4f23e3d86869858c15ca37c904e
SHA512

0fba86e9e26799b327b635c86cd1f608638af28f69ff97a0a2cd14f455e2d329e9e9581fd9772f735dee7e8932852b10c0f94d4ef99d5f2786c3bf7e64bb8e70
SSDEEP

98304:etnH6M+XAdBDykXBGQF2csqH863KostRGcqmtHCAyLlV:BQ9oIFOtNqmtr0lV

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

185.161.248.16:4440

Signatures

Systembc family
systembc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1752-171-0x0000000000400000-0x000000000083B000-memory.dmp

Files

1752-171-0x0000000000400000-0x000000000083B000-memory.dmp
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��T�
Size: 1725.2MB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fxonxukr
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

stkrkkzf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE