General

  • Target

    NEAS.NEAS3d1d747d644420a2bdc07207b29a0509531e22eb0b1eedcd052f85085bef6865exeexe_JC.exe

  • Size

    329KB

  • Sample

    231021-wtnsnsaa75

  • MD5

    aa97e84ddfed87f96092e40ae29e9a63

  • SHA1

    fac0269ee01837c1d221ad778d5ff88de831aac2

  • SHA256

    3d1d747d644420a2bdc07207b29a0509531e22eb0b1eedcd052f85085bef6865

  • SHA512

    fb73856e81a0ffe0aefa6b9bf553903d498c02a9fa954ea1f41be28090937975aceb6e8073499f456bab5b76ab9c1850606cfbef0c504fa41b5e3816579f6a79

  • SSDEEP

    6144:J5TwVXXB9bnsa1hp1usSnoFSRvrv0DqK3cSs6myXJ0UDaqwSFH:J50JR9oa1h6noEVv0xH56ULwSF

Score
10/10

Malware Config

Extracted

Family

systembc

C2

mxstat215dm.xyz:4044

mxstex725dm.xyz:4044

Targets

    Score
    10/10
    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Suspicious use of SetThreadContext
