systembc | 3c8aec76ac1f6c07f332c3f9a80c4c3c93c5f809b58dfed8abdb6a644e13c57c | Triage

Sharing

General

Target

e28bb0c12be9480d98e49fce8cced7b6.exe
Size

281KB
Sample

230619-lvg2eaec3z
MD5

e28bb0c12be9480d98e49fce8cced7b6
SHA1

e7f2fb2ebdcd1f416422ecfc9a2e3bdf4dc2e845
SHA256

3c8aec76ac1f6c07f332c3f9a80c4c3c93c5f809b58dfed8abdb6a644e13c57c
SHA512

a2edcf059ec2787c20940913c674e86e19047147c5574d129f6126d4e53c90be24526ac61f146bcab8d678f60ce4e9c017a11309921cd23642d501c9b2f78578
SSDEEP

3072:d5lYIMAbKnUtNBizA3DAbxk57Ei3LSmPI0DnMOC4YMA5ydszTgXl:2IMVUtrrl7BDnMf4HA0

Score

10^/10

systembc persistence trojan

Malware Config

Extracted

Family

systembc

C2

admex1955x.xyz:4044

servx2785x.xyz:4044

Targets

- Target
  
  e28bb0c12be9480d98e49fce8cced7b6.exe
- Size
  
  281KB
- MD5
  
  e28bb0c12be9480d98e49fce8cced7b6
- SHA1
  
  e7f2fb2ebdcd1f416422ecfc9a2e3bdf4dc2e845
- SHA256
  
  3c8aec76ac1f6c07f332c3f9a80c4c3c93c5f809b58dfed8abdb6a644e13c57c
- SHA512
  
  a2edcf059ec2787c20940913c674e86e19047147c5574d129f6126d4e53c90be24526ac61f146bcab8d678f60ce4e9c017a11309921cd23642d501c9b2f78578
- SSDEEP
  
  3072:d5lYIMAbKnUtNBizA3DAbxk57Ei3LSmPI0DnMOC4YMA5ydszTgXl:2IMVUtrrl7BDnMf4HA0
Score

10^/10

systembc persistence trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcpersistencetrojan

behavioral2

systembcpersistencetrojan