Extracted

• • Target

    a35480f93ad4d0de19c119b903f6317cc8e59e779b654ec8f4bd5df4535267c6.exe

  • Size

    240KB

  • MD5

    9cc2a0c88851f241b01efa7e9372f32b

  • SHA1

    fc455d1c0ab2653c146a277e4e246a4e3e5ba0c2

  • SHA256

    a35480f93ad4d0de19c119b903f6317cc8e59e779b654ec8f4bd5df4535267c6

  • SHA512

    b1bb3fd5efc660d3831b773e710aaeb7723106e50de3ea3a5822348d255588c87cb900d5bcb094ae535b7cdddaddf3aa12180d660d389be0066c68897aad81d0

  • SSDEEP

    3072:spKr2asc3+9yYO1jkLp8x5IiCx//9IiGCH:YxQnyLeWVA

  Score

  10^/10

  systembcaspackv2discoverytrojan

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2