General

  • Target

    SecuriteInfo.com.FileRepMalware.1537.4965.exe

  • Size

    1.7MB

  • Sample

    230725-v2j9safa5z

  • MD5

    571a3130d8dfa900c4f1fc443b18a69e

  • SHA1

    c1509161b2bd443739648475f39ee710dbbfe869

  • SHA256

    d91e0131e9a5854d8a2299742a4332bf127a185b72949d731d5e48aa87144f94

  • SHA512

    f07907f671b764768016c50f0e4a09a732ffdde6bd70cfc185c81ce9e4dd8eab2e7e423fb87e05d0b437f0a4fdaee8d36fa6b86045e498d9fed8ce7961fa529a

  • SSDEEP

    24576:juJN/7n6lbcu8oba51zj1SqdAGFQZIxvH7Gv3V8tZLAA9u45UJoeVO:86+u8o23zjYq+ZIPX9P5UJoek

Score
10/10

Malware Config

Extracted

Family

systembc

C2

ar.undata.cc:5320

ar1.undata.cc:5320
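The extracted config gives two C2 hosts on one port plus the file hashes above, which is everything needed for a first-pass IOC sweep. The script below is an added example (not part of the sandbox report or of any SystemBC tooling): it checks a file's digests against the report's hashes and scans connection-log lines for the C2 hosts and port. The hosts, port and hashes are copied from the report; the log format, the log lines and the IP addresses in them are constructed here for illustration.

```python
"""Added example: sweep for the SystemBC IOCs listed in the sandbox report.

IOCs (C2 hosts, port, hashes) are copied from the report. The log format and
the sample log lines are constructed for this example and are not real traffic.
"""
import hashlib
import re

# IOCs from the report
C2_HOSTS = {"ar.undata.cc", "ar1.undata.cc"}
C2_PORT = 5320
SAMPLE_HASHES = {
    "md5": "571a3130d8dfa900c4f1fc443b18a69e",
    "sha1": "c1509161b2bd443739648475f39ee710dbbfe869",
    "sha256": "d91e0131e9a5854d8a2299742a4332bf127a185b72949d731d5e48aa87144f94",
}


def file_hashes(data: bytes) -> dict:
    """Compute the three digests the report lists, as lowercase hex."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_sample(data: bytes) -> bool:
    """True if any digest of `data` equals the report's sample hash.

    A match identifies this exact build. A miss only says this build is absent;
    SystemBC is repacked per campaign, so the C2 indicators below are the more
    durable signal.
    """
    digests = file_hashes(data)
    return any(digests[k] == v for k, v in SAMPLE_HASHES.items())


# Hypothetical log format assumed for this example:
#   "<timestamp> <src_ip> <dst_hostname> <dst_ip> <dst_port>"
LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\d+)$")


def flag_line(line: str):
    """Return a hit dict for a log line that touches the C2 IOCs, else None.

    A hostname match is high confidence. Port 5320 alone is low confidence:
    it is not a reserved port and other software may legitimately use it.
    """
    m = LOG_RE.match(line.strip())
    if not m:
        return None  # unparseable line, skip rather than guess
    ts, src, host, dst_ip, port = m.groups()
    port = int(port)
    host_norm = host.lower().rstrip(".")
    if host_norm in C2_HOSTS:
        confidence = "high"
    elif port == C2_PORT:
        confidence = "low"
    else:
        return None
    return {"ts": ts, "src": src, "host": host_norm, "dst": dst_ip,
            "port": port, "confidence": confidence}


def scan_log(lines):
    """Run flag_line over an iterable of log lines, keeping only hits."""
    return [hit for hit in (flag_line(line) for line in lines) if hit]


# Constructed sample log (documentation IP ranges; not real traffic)
SAMPLE_LOG = [
    "2023-07-25T10:00:01Z 10.0.0.5 ar.undata.cc 203.0.113.10 5320",
    "2023-07-25T10:00:02Z 10.0.0.5 www.example.com 198.51.100.20 443",
    "2023-07-25T10:00:03Z 10.0.0.7 ar1.undata.cc 203.0.113.11 5320",
    "2023-07-25T10:00:04Z 10.0.0.9 intranet.example 10.0.0.1 5320",
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['confidence']:4s} {hit['ts']} {hit['src']} -> "
              f"{hit['host']} ({hit['dst']}:{hit['port']})")
    print("empty input matches sample:", matches_sample(b""))
```

The port-only match is deliberately kept at low confidence: the hostnames are the indicator worth alerting on, while a lone port 5320 connection is something to triage, not to page on. In a real deployment the hostnames would also be fed to DNS-log and proxy-log searches, since SystemBC resolves its C2 by name before connecting.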

Targets

    • Target

      SecuriteInfo.com.FileRepMalware.1537.4965.exe

    • SystemBC

      SystemBC is a SOCKS5 proxy and remote administration tool first seen in 2019. It turns the infected host into a proxy for operator traffic and can download and execute further payloads, so its presence usually marks a post-exploitation foothold rather than the end of an intrusion.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state. Legitimate software rarely calls it, while injection techniques such as process hollowing use it to point a suspended thread at unpacked code, so this signature is a common sign that the payload runs inside another process rather than in the dropped executable itself.

MITRE ATT&CK Enterprise v15
