General

  • Target

    b88dbef1fb964949819ed0d61d9bb929e2bdad3c8773bb11a0f23a6da6db80fa

  • Size

    638KB

  • Sample

    230902-sqlblaeb48

  • MD5

    3acf9d8cd3f4c175dc7f0c9c3f5160f4

  • SHA1

    993b942ad735e986f5680662f7664ccc7375ecc3

  • SHA256

    b88dbef1fb964949819ed0d61d9bb929e2bdad3c8773bb11a0f23a6da6db80fa

  • SHA512

    bc2882830c194fbd9b005267f21bf1543e99ceb1b128cda009a1600d9fa7216395a2df94964a8a08e41c08bebec333bc5a644a8520eee19587506436b54d8de4

  • SSDEEP

    6144:yj8z9RZc3j72ixGWSKv0BE0P7Yd3R3tqAAKAXAAXAAXAAXAqtAAAAAAAAnQwp7u5:yQz97iDxGWSKME4EzmtewscDnochEFz

Score
10/10

Malware Config

Extracted

Family

systembc

C2

mxstat215dm.xyz:4044

mxstex725dm.xyz:4044

Targets

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Suspicious use of SetThreadContext
