systembc | bbf284e7e60430e7aa64fa92781ed283fd46883831720b959d8c786a42af7711 | Triage

Resubmissions

26-05-2024 07:53

240526-jq9jracf36 10

Sharing

General

Target

bbf284e7e60430e7aa64fa92781ed283fd46883831720b959d8c786a42af7711.exe
Size

662KB
Sample

240526-jq9jracf36
MD5

0dd1f6c2b9bf477115701a1340d8d9a2
SHA1

7b074f54130217609435efe3f45ba38d363dd381
SHA256

bbf284e7e60430e7aa64fa92781ed283fd46883831720b959d8c786a42af7711
SHA512

a3c8bcc7fe527eb2de6a6dd230bca9b4424653c6e251c1113bc27bd8c42cf79e1be1974e20c733e51be38f2c222ee1338257fd86209f2411f86e5f65213206e6
SSDEEP

12288:GubsNSOetfARQAPyGUu7zNubsNSOetfARQAPyGUfT+tkrvdv:GubsnafAPyjSzNubsnafAPyjZrvh

Score

10^/10

systembc trojan

Malware Config

Extracted

Family

systembc

C2

cobusabobus.cam:4001

Targets

- Target
  
  bbf284e7e60430e7aa64fa92781ed283fd46883831720b959d8c786a42af7711.exe
- Size
  
  662KB
- MD5
  
  0dd1f6c2b9bf477115701a1340d8d9a2
- SHA1
  
  7b074f54130217609435efe3f45ba38d363dd381
- SHA256
  
  bbf284e7e60430e7aa64fa92781ed283fd46883831720b959d8c786a42af7711
- SHA512
  
  a3c8bcc7fe527eb2de6a6dd230bca9b4424653c6e251c1113bc27bd8c42cf79e1be1974e20c733e51be38f2c222ee1338257fd86209f2411f86e5f65213206e6
- SSDEEP
  
  12288:GubsNSOetfARQAPyGUu7zNubsNSOetfARQAPyGUfT+tkrvdv:GubsnafAPyjSzNubsnafAPyjZrvh
Score

10^/10

systembc trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2