systembc | 25f77a058ec8aff36602762a75066b3ba52652ce90fc823b51dc81e4b14bbeb9 | Triage

Sharing

General

Target

25f77a058ec8aff36602762a75066b3ba52652ce90fc823b51dc81e4b14bbeb9
Size

164KB
Sample

230714-3s4k3ahd3x
MD5

6ac14216327dcfb60b33ebd914f62769
SHA1

d55eba9a523347f5ee65c9e27a3dc73a1eb4cf7b
SHA256

25f77a058ec8aff36602762a75066b3ba52652ce90fc823b51dc81e4b14bbeb9
SHA512

6af659cfee302b0faefd85a87bc0aa3e10c40aeb18c6246cf2b335a34b40c21279f1b76ae420217f2caa3913d66e96116860ce442fad5fe465d2273de79ff3ed
SSDEEP

3072:CfQL9T47Hoh75YiZjcgJvlDXDG0yWtL7g5AGT:9L9cDohqiZb5lDXS0ygd6

Score

10^/10

systembc persistence trojan

Malware Config

Extracted

Family

systembc

C2

adstat477d.xyz:4044

demstat577d.xyz:4044

Targets

- Target
  
  25f77a058ec8aff36602762a75066b3ba52652ce90fc823b51dc81e4b14bbeb9
- Size
  
  164KB
- MD5
  
  6ac14216327dcfb60b33ebd914f62769
- SHA1
  
  d55eba9a523347f5ee65c9e27a3dc73a1eb4cf7b
- SHA256
  
  25f77a058ec8aff36602762a75066b3ba52652ce90fc823b51dc81e4b14bbeb9
- SHA512
  
  6af659cfee302b0faefd85a87bc0aa3e10c40aeb18c6246cf2b335a34b40c21279f1b76ae420217f2caa3913d66e96116860ce442fad5fe465d2273de79ff3ed
- SSDEEP
  
  3072:CfQL9T47Hoh75YiZjcgJvlDXDG0yWtL7g5AGT:9L9cDohqiZb5lDXS0ygd6
Score

10^/10

systembc persistence trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcpersistencetrojan