General

  • Target

    a0a5ebd512b7685798ac966c0b05415df9eff585a79af11c9ff99d7aa17e2101.exe

  • Size

    243KB

  • Sample

    240126-ntmxdacga4

  • MD5

    fa0d040012c9eb686602607766b8f210

  • SHA1

    9fdb6350a5afa7d829fe5a8ee66bdb5d22c19d0b

  • SHA256

    8605f5613c0d7b1cc5bd360eb03a9740d2508e93636b28f7ed27af2c29517a5d

  • SHA512

    98c7a577ca076403e8e999058336c0bf27457ca88c7e29747d08f0d150d09cd761c2356dad9de13522dc19acd15565948f26b374127a250f6338c79b47ef62b5

  • SSDEEP

    6144:OvsuhHxVeXVyF0j7j44hFnl6lgs2lL7flAx:OvLhHziVHvj7rYJ

Score
10/10

Malware Config

Extracted

Family

systembc

C2

advertspace10.club:4044

logstat17.club:4044

Targets

    • Target

      a0a5ebd512b7685798ac966c0b05415df9eff585a79af11c9ff99d7aa17e2101.exe

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Executes dropped EXE

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
