General

  • Target

    23540c83cc4620f33d45dea691c6888b.exe

  • Size

    6.1MB

  • Sample

    230808-y95r8shc3v

  • MD5

    23540c83cc4620f33d45dea691c6888b

  • SHA1

    bbdb961ad6fd8ad40cc3b8174242ca64f9a446a8

  • SHA256

    b17f6d86a9b9d63e841046b6b999e1197e81b2cf5cc6bcf376be9698e5d0f84b

  • SHA512

    e1a0bdded23488865ed658e53126c00856755a0d80d859ff021cd28eedb0e9ec7678812e61cb08434fcdefd5337f166383abee90d4f9057100ebb0d05cf8a9f5

  • SSDEEP

    98304:Oz3igQYVx9ZE5nYiF/VoazNgNEGlqlls7aJAUMLy6ynCU/W4+EBEA4oPNp:EygQWbe/VooNy10s2ZMLylTtrB

Malware Config

Extracted

  • Family

    systembc

  • C2

    5.42.65.67:4298

    localhost.exchange:4298

Targets

    • Target

      23540c83cc4620f33d45dea691c6888b.exe

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Blocklisted process makes network request

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.
