Overview

overview

10

Static

static

3

e28bb0c12b...b6.exe

windows7-x64

10

e28bb0c12b...b6.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e28bb0c12be9480d98e49fce8cced7b6.exe

  • Size

    281KB

  • Sample

    230619-lvg2eaec3z

  • MD5

    e28bb0c12be9480d98e49fce8cced7b6

  • SHA1

    e7f2fb2ebdcd1f416422ecfc9a2e3bdf4dc2e845

  • SHA256

    3c8aec76ac1f6c07f332c3f9a80c4c3c93c5f809b58dfed8abdb6a644e13c57c

  • SHA512

    a2edcf059ec2787c20940913c674e86e19047147c5574d129f6126d4e53c90be24526ac61f146bcab8d678f60ce4e9c017a11309921cd23642d501c9b2f78578

  • SSDEEP

    3072:d5lYIMAbKnUtNBizA3DAbxk57Ei3LSmPI0DnMOC4YMA5ydszTgXl:2IMVUtrrl7BDnMf4HA0

Score
10/10
systembcpersistencetrojan

Malware Config

Extracted

Family

systembc

C2

admex1955x.xyz:4044

servx2785x.xyz:4044

Targets

    • Target

      e28bb0c12be9480d98e49fce8cced7b6.exe

    • Size

      281KB

    • MD5

      e28bb0c12be9480d98e49fce8cced7b6

    • SHA1

      e7f2fb2ebdcd1f416422ecfc9a2e3bdf4dc2e845

    • SHA256

      3c8aec76ac1f6c07f332c3f9a80c4c3c93c5f809b58dfed8abdb6a644e13c57c

    • SHA512

      a2edcf059ec2787c20940913c674e86e19047147c5574d129f6126d4e53c90be24526ac61f146bcab8d678f60ce4e9c017a11309921cd23642d501c9b2f78578

    • SSDEEP

      3072:d5lYIMAbKnUtNBizA3DAbxk57Ei3LSmPI0DnMOC4YMA5ydszTgXl:2IMVUtrrl7BDnMf4HA0

    Score
    10/10
    systembcpersistencetrojan

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

      trojansystembc

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks