General

  • Target

    file.exe

  • Size

    2.5MB

  • Sample

    240519-stlrjach8t

  • MD5

    ca3b49582edf9cab4714a35647907f3e

  • SHA1

    e9b265e85b333051d7014a7352747d09634a9fe6

  • SHA256

    05f41f450584e2f2a99ffe86ec699b2f1569b1080ffa801ca8b4adf3b6d1c832

  • SHA512

    83fd5d6bcf85df317a73d8fe89782fbe3541972bd5d187c749681e939024f22536c2ed1c41bfa37b46bd45b20c589e2b997923d8e8e49bb6fc68f58908e34fa9

  • SSDEEP

    49152:aF5alGJpSQXYVCV/EVCLV2Hpaht/rFoeeA6ASh2jQMTREJcI:aF5alGhXJ5EVCsitzFoeeA6jYnPI

Score
10/10

Malware Config

Extracted

Family

systembc

C2

cobusabobus.cam:4001

Targets

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
