Overview

overview

10

Static

static

3

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    728c034592a639712e51321596f4dd3c24da68fa649ffb334e12bfb48018ecda

  • Size

    4.8MB

  • Sample

    230720-d6r2rada9w

  • MD5

    a5fa62f8cb515e6aafc529b34671c6a7

  • SHA1

    09ba2232776cdb5c41349fd50a8ddf5883fbfb85

  • SHA256

    728c034592a639712e51321596f4dd3c24da68fa649ffb334e12bfb48018ecda

  • SHA512

    0ecb161bab04660bbfcd75d01ea348a6abae3b12a5c1db42b0ee9a7a931cac1d6c931ea2db4a5dccdeb2dee39d9ba907b3e04df72b4dd79319ff818825140682

  • SSDEEP

    12288:TeC3CZ/dn53l3lYZDGR2vK/BY3nLkpVpnG6kzv:i+m33l3lYZE2C/zG5

Score
10/10
systembcpersistencetrojan

Malware Config

Extracted

Family

systembc

C2

91.103.252.89:4317

91.103.252.57:4317

Targets

    • Target

      728c034592a639712e51321596f4dd3c24da68fa649ffb334e12bfb48018ecda

    • Size

      4.8MB

    • MD5

      a5fa62f8cb515e6aafc529b34671c6a7

    • SHA1

      09ba2232776cdb5c41349fd50a8ddf5883fbfb85

    • SHA256

      728c034592a639712e51321596f4dd3c24da68fa649ffb334e12bfb48018ecda

    • SHA512

      0ecb161bab04660bbfcd75d01ea348a6abae3b12a5c1db42b0ee9a7a931cac1d6c931ea2db4a5dccdeb2dee39d9ba907b3e04df72b4dd79319ff818825140682

    • SSDEEP

      12288:TeC3CZ/dn53l3lYZDGR2vK/BY3nLkpVpnG6kzv:i+m33l3lYZE2C/zG5

    Score
    10/10
    systembcpersistencetrojan

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

      trojansystembc

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks