General

  • Target: config.zip
  • Size: 1.4MB
  • Sample: 231120-qalw3sha2s
  • MD5: 4b66d223b0f4280ad86b1461bf043241
  • SHA1: 71d79203a79d1dc27dd9febf7fabc7679d340613
  • SHA256: 7107780930bf2cf64102e18ed81d74e244eaff05ae14341ac8b7818b9190be4c
  • SHA512: b87a512e33bf5661c93dc09f6bc4be0de39b0a5fac186e08e7be05eaec14324cb04fd1711f0a2a87fb46d0e149871075b0dbd6d76c067ec3ff2a98a83c98d56b
  • SSDEEP: 24576:i2bgT85/gGZdJeHV1H0pr/NPoCpVLPIvG1uSRYK2OMuOBexqb3N14XoSg9jTD9VJ:lcT86+eH7UzPoCpVDIvyBVzMgkTPf9nR

Score: 10/10

Malware Config

Extracted

  • Family: systembc
  • C2: 62.173.140.37:4001

Targets

    • Target: config.cpl
    • Size: 1.6MB
    • MD5: 509b68725e595b30fb2f38c8ea2cf9c4
    • SHA1: 1aff17b87ff213c1a8f4c8cfe48782e636b6fb32
    • SHA256: 4dae3b84eeb5e36c144f9fad2f2b06d9e82381cda6b1f043033cf3644f339558
    • SHA512: dc7a8e6404c3b1e2600c16c66ed023e6e5f7010efa96fa2c4c5abf8fe4a8c4847abd133a1198d4bb12224c93d4ede1ef1dfe1c6c584749160e9beff2a1585389
    • SSDEEP: 24576:ejhyCJxQWOSUua9BgsID7yByhWjqcRE4ff6ySznNvWGYbjWfExlpaheDtg3UUag7:GfzUua9h9ERznNeXHWfExzmPLnvh6

    Score: 10/10

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks