systembc | 792bce2f91e0ab94042cc4e682138f55f6b710d2613fef92864462d2a0a57865 | Triage

Sharing

General

Target

792bce2f91e0ab94042cc4e682138f55f6b710d2613fef92864462d2a0a57865
Size

4.7MB
Sample

230722-1472hsch8v
MD5

d5f0f054453ad42c81755b596f310fa8
SHA1

058adf731d033a5dbb15d8ee7667eb84619b28de
SHA256

792bce2f91e0ab94042cc4e682138f55f6b710d2613fef92864462d2a0a57865
SHA512

18eba4f5ac1d9303d8a5a768cb068fdabf7717a82050d1d785252b0270e32a22d24c54365ae00368e676cd3841df120100f5f5f6479dad7b13d5f57ca341cca5
SSDEEP

6144:vOaZsS4DFasluB04DdbHXrW2AmPxSB/lKfwmpjLkBGxZlTK:TZsFDFas+l3a2AYfnjxxX

Score

10^/10

systembc persistence trojan

Malware Config

Extracted

Family

systembc

C2

91.103.252.89:4317

91.103.252.57:4317

Targets

- Target
  
  792bce2f91e0ab94042cc4e682138f55f6b710d2613fef92864462d2a0a57865
- Size
  
  4.7MB
- MD5
  
  d5f0f054453ad42c81755b596f310fa8
- SHA1
  
  058adf731d033a5dbb15d8ee7667eb84619b28de
- SHA256
  
  792bce2f91e0ab94042cc4e682138f55f6b710d2613fef92864462d2a0a57865
- SHA512
  
  18eba4f5ac1d9303d8a5a768cb068fdabf7717a82050d1d785252b0270e32a22d24c54365ae00368e676cd3841df120100f5f5f6479dad7b13d5f57ca341cca5
- SSDEEP
  
  6144:vOaZsS4DFasluB04DdbHXrW2AmPxSB/lKfwmpjLkBGxZlTK:TZsFDFas+l3a2AYfnjxxX
Score

10^/10

systembc persistence trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

systembcpersistencetrojan

behavioral2

systembcpersistencetrojan