systembc | 9ab42dd0edbb92405904350c550525878312858405e737c7414025dab5981c80 | Triage

Submit
Reports

Overview

overview

Static

static

7

3e58382005...b1.exe

windows7-x64

3e58382005...b1.exe

windows10-2004-x64

Resubmissions

15-04-2024 11:19

240415-nfa1nada96 10

10-04-2024 03:13

240410-dqqhzsfh2w 10

10-04-2024 03:12

240410-dqp78ace62 10

10-04-2024 03:12

240410-dqplpafh2v 10

10-04-2024 03:12

240410-dqpaxsce59 10

22-12-2023 00:59

231222-bb35escaf6 10

Sharing

General

Target

3e58382005322606bd6ae12da2f209b1
Size

209KB
Sample

231222-bb35escaf6
MD5

3e58382005322606bd6ae12da2f209b1
SHA1

0afab0c2514061f3d341f720705e54aad4a4f36e
SHA256

9ab42dd0edbb92405904350c550525878312858405e737c7414025dab5981c80
SHA512

13c8df1f07d1584cc827fcc78b691cac78e7cd95ad0e2578974acb9bd8b0c2770d410d743fdc84ffa4c1a431ebe05772715d6bd57489abb7dc249b43b241c1ee
SSDEEP

6144:YDnLgI91y1UkT57iJz/DpURWPSvHuUiYphu1UR:cnLh9yn52rpUR5vHuRYpM+R

Score

10^/10

systembc trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

3e58382005322606bd6ae12da2f209b1.exe

Resource

win7-20231215-en

systembc trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

3e58382005322606bd6ae12da2f209b1.exe

Resource

win10v2004-20231222-en

systembc trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

systembc

C2

yan0212.com:4039

yan0212.net:4039

Targets

- Target
  
  3e58382005322606bd6ae12da2f209b1
- Size
  
  209KB
- MD5
  
  3e58382005322606bd6ae12da2f209b1
- SHA1
  
  0afab0c2514061f3d341f720705e54aad4a4f36e
- SHA256
  
  9ab42dd0edbb92405904350c550525878312858405e737c7414025dab5981c80
- SHA512
  
  13c8df1f07d1584cc827fcc78b691cac78e7cd95ad0e2578974acb9bd8b0c2770d410d743fdc84ffa4c1a431ebe05772715d6bd57489abb7dc249b43b241c1ee
- SSDEEP
  
  6144:YDnLgI91y1UkT57iJz/DpURWPSvHuUiYphu1UR:cnLh9yn52rpUR5vHuRYpM+R
Score

10^/10

systembc trojan upx
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

systembctrojanupx

behavioral2

systembctrojanupx

© 2018-2025

Terms | Privacy