systembc | a736c699fe879975bc8daa8525984ba514ae96a294f74d570dff0cbfd2117e24 | Triage

Submit
Reports

Overview

overview

Static

static

7

dridex

windows10-2004-x64

Sharing

General

Target

a736c699fe879975bc8daa8525984ba514ae96a294f74d570dff0cbfd2117e24
Size

5.9MB
Sample

230807-ttxdpsgc85
MD5

79c80f6c916250dfad7f433e1ff950ee
SHA1

e281b0719592b08b28184decdc1ea5ba9b33e46b
SHA256

a736c699fe879975bc8daa8525984ba514ae96a294f74d570dff0cbfd2117e24
SHA512

d6c1392a886fafb3d750abb32dc4be6f5a01205d51e18cf0456eae7aecb2c6a9ea88e96c9880d7269577f013a91dd1e70e433938b835156ad63ad15b704e84ba
SSDEEP

98304:jLuSoV+yTXcmw9ghSxaq+zRliwT6MAUzk2wQuvvsn+AwUbbXw:+BrBphSxa7zXRTkUzkYuG+AwUPX

Score

10^/10

systembc trojan vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

a736c699fe879975bc8daa8525984ba514ae96a294f74d570dff0cbfd2117e24.dll

Resource

win10v2004-20230703-en

systembc trojan vmprotect

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

systembc

C2

5.42.65.67:4298

localhost.exchange:4298

Targets

- Target
  
  a736c699fe879975bc8daa8525984ba514ae96a294f74d570dff0cbfd2117e24
- Size
  
  5.9MB
- MD5
  
  79c80f6c916250dfad7f433e1ff950ee
- SHA1
  
  e281b0719592b08b28184decdc1ea5ba9b33e46b
- SHA256
  
  a736c699fe879975bc8daa8525984ba514ae96a294f74d570dff0cbfd2117e24
- SHA512
  
  d6c1392a886fafb3d750abb32dc4be6f5a01205d51e18cf0456eae7aecb2c6a9ea88e96c9880d7269577f013a91dd1e70e433938b835156ad63ad15b704e84ba
- SSDEEP
  
  98304:jLuSoV+yTXcmw9ghSxaq+zRliwT6MAUzk2wQuvvsn+AwUbbXw:+BrBphSxa7zXRTkUzkYuG+AwUPX
Score

10^/10

systembc trojan vmprotect
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Blocklisted process makes network request
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

systembctrojanvmprotect

© 2018-2024

Terms | Privacy