Extracted

• • Target

    a41982f4915a70f246b0d6109280f39b

  • Size

    209KB

  • MD5

    a41982f4915a70f246b0d6109280f39b

  • SHA1

    a256130c4872a7860a95dbabfd6e8b5ea60e83aa

  • SHA256

    31cdb1024e6010e5a59c0fc509432e6928c4eaf1a42c82e9fbd33e9aac2c552c

  • SHA512

    890395bc017590ccf80e08b0d542c7c556c6d30cb7bb1902acc525745bcb225467fe0c9c213836eca0f577058334bfc90e6a767cbcb9e9ea5bff870ba006032a

  • SSDEEP

    6144:YDnLgI91y1UkT57iJz/DpURWPSvHuUiYphu1Us:cnLh9yn52rpUR5vHuRYpM+s

  Score

  10^/10

  systembctrojanupx

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Uses Tor communications

    Malware can proxy its traffic through Tor for more anonymity.

  behavioral1behavioral2behavioral3behavioral4