systembc | 636-160-0x0000000000400000-0x000000000083B000-memory[.]dmp | Triage

Sharing

General

Target

636-160-0x0000000000400000-0x000000000083B000-memory.dmp
Size

4.2MB
MD5

c7a05f768dc81195010122c50aa8e010
SHA1

64731ede977751e46dbe3a47f537ac48f4922e1f
SHA256

b26e5deccf2eeb76d5542fdf682c7a5a3bdf836202dd9cb608c9d484f4e91a7d
SHA512

c76644b4668f9075d94cd31bd5ce45141d563fea4a4966cd997fa9fdfa9b7ffd2b8c322e8336b1cf55492f1f4094bbfeff037c3605ca3ff301589c06c1a11ad9
SSDEEP

98304:WtnH6M+XAdBDyjdaGQ3tcsKgX63dwstRGcqmtHCAyLlV:57Q9zK9tNqmtr0lV

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

185.161.248.16:4440

Signatures

Systembc family
systembc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
636-160-0x0000000000400000-0x000000000083B000-memory.dmp

Files

636-160-0x0000000000400000-0x000000000083B000-memory.dmp
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��T�
Size: 1794.6MB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fxonxukr
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

stkrkkzf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE