systembc | 33626834ce190f58584d566022ca50ff38f6b34d0231944ef0d27bd7ab7ae6b7_JC[.]dll

General

Target

33626834ce190f58584d566022ca50ff38f6b34d0231944ef0d27bd7ab7ae6b7_JC.dll
Size

13KB
MD5

a130a2c82983817cd8f4d4bf6685cc19
SHA1

3bbad66dd498e37ad93d04afcad01d82eca35e43
SHA256

33626834ce190f58584d566022ca50ff38f6b34d0231944ef0d27bd7ab7ae6b7
SHA512

758cb52f96ab3552f3788f510fe87ea87a75a67fa2aabcb20af892d7d1f7058d1b0593f8cc0ccd9508a442e1301d4659cd56669caf8718d885ce0f1142fc953e
SSDEEP

384:yhH/RvZWp/HVCr8/C97QRwcF7UcnHF7r:yc/HVC77QKctUkl7r

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

C2

45.61.136.241:4001

Signatures

Systembc family
systembc

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33626834ce190f58584d566022ca50ff38f6b34d0231944ef0d27bd7ab7ae6b7_JC.dll

Files

33626834ce190f58584d566022ca50ff38f6b34d0231944ef0d27bd7ab7ae6b7_JC.dll
.dll windows:4 windows x86

7fb7ae4f64db732e394920baa7ca1fe4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
UpdateWindow
PostQuitMessage
LoadIconA
LoadCursorA
wsprintfA
RegisterClassA
TranslateMessage
GetMessageA
DispatchMessageA
DefWindowProcA
CreateWindowExA

kernel32

SetEvent
SetFilePointer
Sleep
GetTempPathA
WriteFile
WaitForSingleObject
VirtualFree
VirtualAlloc
CloseHandle
CreateEventA
CreateFileA
CreateThread
ExitProcess
FileTimeToSystemTime
GetCurrentProcess
GetLocalTime
GetModuleHandleA
LocalFree
GetVolumeInformationA
LocalAlloc
SystemTimeToFileTime

advapi32

GetTokenInformation
OpenProcessToken
GetSidSubAuthority

wsock32

WSAStartup
closesocket
connect
htons
inet_addr
inet_ntoa
ioctlsocket
recv
select
send
setsockopt
shutdown
socket

ws2_32

freeaddrinfo
WSAIoctl
getaddrinfo

ole32

CoUninitialize
CoInitialize
CoCreateInstance

secur32

GetUserNameExW
GetUserNameExA

Exports

Exports

rundll

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 306B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

7fb7ae4f64db732e394920baa7ca1fe4

Headers

File Characteristics

Imports

user32

kernel32

advapi32

wsock32

ws2_32

ole32

secur32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 428B

.reloc Size: 512B - Virtual size: 306B

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 428B

.reloc
Size: 512B - Virtual size: 306B