systembc | b2b82c1977c17aec7ba0074f56c0d61100e616a0ce72dab748ec4269db6c0793 | Triage

Submit
Reports

Overview

overview

Static

static

7

winprofile

windows7-x64

winprofile

windows10-1703-x64

Sharing

General

Target

b2b82c1977c17aec7ba0074f56c0d61100e616a0ce72dab748ec4269db6c0793
Size

6.0MB
Sample

230809-ebb8gsae8t
MD5

62813c6cab9234e83949fcc563c33b57
SHA1

474c9abc14fea035d0e80128dbd7260f0cbc42b2
SHA256

b2b82c1977c17aec7ba0074f56c0d61100e616a0ce72dab748ec4269db6c0793
SHA512

a29cdda3218566509cfc3d07b50bfe9ece45fd6a57cb12b649b283204191326e30746bc9d33c63b2e8281b65fd1f19cc79092b81e8cd67d593010c3574986542
SSDEEP

98304:Yk/CgBuUFSDyJ6FqBh2Rvtu9+GdULsSuPbm5u1et8yDD27AadUEpnoj:DBumcyJ6O3LdCgPbSket8yDDTsGj

Score

10^/10

systembc trojan vmprotect

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

b2b82c1977c17aec7ba0074f56c0d61100e616a0ce72dab748ec4269db6c0793.dll

Resource

win7-20230712-en

systembc trojan vmprotect

windows7-x64

4 signatures

300 seconds

Behavioral task

behavioral2

Sample

b2b82c1977c17aec7ba0074f56c0d61100e616a0ce72dab748ec4269db6c0793.dll

Resource

win10-20230703-en

systembc trojan vmprotect

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

systembc

C2

5.42.65.67:4298

localhost.exchange:4298

Targets

- Target
  
  b2b82c1977c17aec7ba0074f56c0d61100e616a0ce72dab748ec4269db6c0793
- Size
  
  6.0MB
- MD5
  
  62813c6cab9234e83949fcc563c33b57
- SHA1
  
  474c9abc14fea035d0e80128dbd7260f0cbc42b2
- SHA256
  
  b2b82c1977c17aec7ba0074f56c0d61100e616a0ce72dab748ec4269db6c0793
- SHA512
  
  a29cdda3218566509cfc3d07b50bfe9ece45fd6a57cb12b649b283204191326e30746bc9d33c63b2e8281b65fd1f19cc79092b81e8cd67d593010c3574986542
- SSDEEP
  
  98304:Yk/CgBuUFSDyJ6FqBh2Rvtu9+GdULsSuPbm5u1et8yDD27AadUEpnoj:DBumcyJ6O3LdCgPbSket8yDDTsGj
Score

10^/10

systembc trojan vmprotect
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Blocklisted process makes network request
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

systembctrojanvmprotect

behavioral2

systembctrojanvmprotect

© 2018-2024

Terms | Privacy