systembc | a216650a36498389a10434af63324705ac991f815bae1ba65d9ecf31f71862de | Triage

Sharing

General

Target

a216650a36498389a10434af63324705ac991f815bae1ba65d9ecf31f71862de
Size

6.2MB
Sample

230801-egxflsec6v
MD5

374d8e8089ecf5f1a161514d1b346432
SHA1

cf3b7d0b7a80a64a5e5a02cf0ea1b588ca0ce0d0
SHA256

a216650a36498389a10434af63324705ac991f815bae1ba65d9ecf31f71862de
SHA512

085c681ac01da5fd5dbc922e7039b41bf6c0b0dc0446ac7e8e5ba904c187c32b0b7e081206c50cbe88b1af303ac2215c7672af3ec1a46eb73bcd576b003f628c
SSDEEP

98304:BtEdRaCU9BlAa/WtuNABPUM6fgGYa3+HQ6JF4VbFofo4eM5YavbJ9nEv:BtEL8WXtB2kUw14bafo4B5YaTJ9nEv

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

5.42.65.67:4298

localhost.exchange:4298

Targets

- Target
  
  a216650a36498389a10434af63324705ac991f815bae1ba65d9ecf31f71862de
- Size
  
  6.2MB
- MD5
  
  374d8e8089ecf5f1a161514d1b346432
- SHA1
  
  cf3b7d0b7a80a64a5e5a02cf0ea1b588ca0ce0d0
- SHA256
  
  a216650a36498389a10434af63324705ac991f815bae1ba65d9ecf31f71862de
- SHA512
  
  085c681ac01da5fd5dbc922e7039b41bf6c0b0dc0446ac7e8e5ba904c187c32b0b7e081206c50cbe88b1af303ac2215c7672af3ec1a46eb73bcd576b003f628c
- SSDEEP
  
  98304:BtEdRaCU9BlAa/WtuNABPUM6fgGYa3+HQ6JF4VbFofo4eM5YavbJ9nEv:BtEL8WXtB2kUw14bafo4B5YaTJ9nEv
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2