Extracted

• • Target

    11c509649c391209ce09bc178ebffcfc7cbfcf038ce699aebfd1303191c136aa.exe

  • Size

    248KB

  • MD5

    ecd0928e717ce95b2918b50460813db7

  • SHA1

    bdb4d8572ef6f4a48fa0b5d9d6988bd6ac73db30

  • SHA256

    11c509649c391209ce09bc178ebffcfc7cbfcf038ce699aebfd1303191c136aa

  • SHA512

    ae1d641d2fcd77c8112928ccf564a028244f5763d8f93a093392ce561bac959d667325ac2d3a72abd2c3e3d358870bef1a930d44c611651c6356c0b6830d60e8

  • SSDEEP

    3072:cLiOmI5XFUfxR14JisxsyCz8Q5bPdO4OyGCH:i1mmUeJZjeFe

  Score

  10^/10

  systembcaspackv2discoverytrojan

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc

  • ASPack v2.12-2.42

    Detects executables packed with ASPack v2.12-2.42

    aspackv2

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2