systembc | 204e68df323cbcabdd60a878fa5444df2ddd1fbaa8411d6350649e4a2e233434 | Triage

Sharing

General

Target

204e68df323cbcabdd60a878fa5444df2ddd1fbaa8411d6350649e4a2e233434
Size

164KB
Sample

230715-dz2ydahh2v
MD5

5e11dd2bc2627a60f664e37c36e735a7
SHA1

550d348ea3f28ba8a0e67675775e26de282fc51f
SHA256

204e68df323cbcabdd60a878fa5444df2ddd1fbaa8411d6350649e4a2e233434
SHA512

5eef7950796c878b368871463cab0f79899b13b0649c38ee36b6630b55ab15b04b5859e833285965fd394eaab846eb09773733529f02b8f2606c1e59f7afe8fe
SSDEEP

3072:ZKLBjs/w8UiFBS8VX6tfnVFIDeErAeAmE7J0T84UdX5Awy:8LBA/SiLRVX4Inm5cF

Score

10^/10

systembc persistence trojan

Malware Config

Extracted

Family

systembc

C2

adstat477d.xyz:4044

demstat577d.xyz:4044

Targets

- Target
  
  204e68df323cbcabdd60a878fa5444df2ddd1fbaa8411d6350649e4a2e233434
- Size
  
  164KB
- MD5
  
  5e11dd2bc2627a60f664e37c36e735a7
- SHA1
  
  550d348ea3f28ba8a0e67675775e26de282fc51f
- SHA256
  
  204e68df323cbcabdd60a878fa5444df2ddd1fbaa8411d6350649e4a2e233434
- SHA512
  
  5eef7950796c878b368871463cab0f79899b13b0649c38ee36b6630b55ab15b04b5859e833285965fd394eaab846eb09773733529f02b8f2606c1e59f7afe8fe
- SSDEEP
  
  3072:ZKLBjs/w8UiFBS8VX6tfnVFIDeErAeAmE7J0T84UdX5Awy:8LBA/SiLRVX4Inm5cF
Score

10^/10

systembc persistence trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcpersistencetrojan