systembc | 318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd | Triage

Resubmissions

18-04-2024 11:20

240418-nfk6macg3w 10

18-04-2024 11:20

240418-nfh19scg3t 10

18-04-2024 11:20

240418-nfheqsbd89 10

18-04-2024 11:20

240418-nfghfacg2x 10

18-04-2024 11:20

240418-nffwxacg2w 10

18-04-2024 09:59

240418-l1f2asba9x 10

Sharing

General

Target

318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd
Size

350KB
Sample

240418-nfk6macg3w
MD5

0dc61438b79668900bd081bac6109760
SHA1

2ee66fd972c2d28ad30775971ba95056951910f0
SHA256

318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd
SHA512

467b352ce6188e6126050c229cd47b526e83ef3535449c3f02b70491e159523d7cc8ebb28caab4e8d98627a22a0af1faf13b134072309dfe56ad175d18177ca7
SSDEEP

6144:RoX0oZ+rm/OV6ZH7XYuB4xpuMadbr2X3f+gOkXdhFr:Ry0xrm/h7XYuWCMaV2XWgO8hFr

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

knock0909.monster:4035

knock0909.xyz:4035

Targets

- Target
  
  318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd
- Size
  
  350KB
- MD5
  
  0dc61438b79668900bd081bac6109760
- SHA1
  
  2ee66fd972c2d28ad30775971ba95056951910f0
- SHA256
  
  318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd
- SHA512
  
  467b352ce6188e6126050c229cd47b526e83ef3535449c3f02b70491e159523d7cc8ebb28caab4e8d98627a22a0af1faf13b134072309dfe56ad175d18177ca7
- SSDEEP
  
  6144:RoX0oZ+rm/OV6ZH7XYuB4xpuMadbr2X3f+gOkXdhFr:Ry0xrm/h7XYuWCMaV2XWgO8hFr
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
- Suspicious use of SetThreadContext
behavioral1 behavioral2 behavioral3 behavioral4 behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5