General

  • Target

    file.exe

  • Size

    613KB

  • Sample

    240602-d9b5psac76

  • MD5

    a1ad149a4d2a04338fd9a0d902410daf

  • SHA1

    d43db08458ea4a81cd32926a402d8a5d12728a2f

  • SHA256

    6e9f1c1298419230dbc24cfe76a8d64c8094e9d1335a0cef567042b3250e565a

  • SHA512

    cef534d0233f47048d6b80c49c4b44570fc436b90904ea84f03c24106ecb785802c424e1241ebd70b9a85f09b77f7c0322927c57a9d65959da4a425149e04128

  • SSDEEP

    12288:mhqxSLo5C1Ps4Xh/P58lhqxSLo5C1Ps4XhAjN81Ve:mHLmCiIhXyHLmCiIhocVe

Score
10/10

Malware Config

Extracted

Family

systembc

C2

cobusabobus.cam:4001

Targets

    • Target

      file.exe

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
