General

  • Target

    config.cpl

  • Size

    1.6MB

  • Sample

    231120-p9vslaga44

  • MD5

    509b68725e595b30fb2f38c8ea2cf9c4

  • SHA1

    1aff17b87ff213c1a8f4c8cfe48782e636b6fb32

  • SHA256

    4dae3b84eeb5e36c144f9fad2f2b06d9e82381cda6b1f043033cf3644f339558

  • SHA512

    dc7a8e6404c3b1e2600c16c66ed023e6e5f7010efa96fa2c4c5abf8fe4a8c4847abd133a1198d4bb12224c93d4ede1ef1dfe1c6c584749160e9beff2a1585389

  • SSDEEP

    24576:ejhyCJxQWOSUua9BgsID7yByhWjqcRE4ff6ySznNvWGYbjWfExlpaheDtg3UUag7:GfzUua9h9ERznNeXHWfExzmPLnvh6

Score
10/10

Malware Config

Extracted

Family

systembc

C2

62.173.140.37:4001

Targets

    • Target

      config.cpl

    Score
    10/10
    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Blocklisted process makes network request
