systembc | 318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd | Triage

Sharing

General

Target

0dc61438b79668900bd081bac6109760_JaffaCakes118
Size

350KB
Sample

240728-htwlmaxeme
MD5

0dc61438b79668900bd081bac6109760
SHA1

2ee66fd972c2d28ad30775971ba95056951910f0
SHA256

318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd
SHA512

467b352ce6188e6126050c229cd47b526e83ef3535449c3f02b70491e159523d7cc8ebb28caab4e8d98627a22a0af1faf13b134072309dfe56ad175d18177ca7
SSDEEP

6144:RoX0oZ+rm/OV6ZH7XYuB4xpuMadbr2X3f+gOkXdhFr:Ry0xrm/h7XYuWCMaV2XWgO8hFr

Score

10^/10

systembc discovery trojan

Malware Config

Extracted

Family

systembc

C2

knock0909.monster:4035

knock0909.xyz:4035

Targets

- Target
  
  0dc61438b79668900bd081bac6109760_JaffaCakes118
- Size
  
  350KB
- MD5
  
  0dc61438b79668900bd081bac6109760
- SHA1
  
  2ee66fd972c2d28ad30775971ba95056951910f0
- SHA256
  
  318e0bd67ccbf40f50b848831fb2885b161e68acdfaaa0c619c79b3912af2ecd
- SHA512
  
  467b352ce6188e6126050c229cd47b526e83ef3535449c3f02b70491e159523d7cc8ebb28caab4e8d98627a22a0af1faf13b134072309dfe56ad175d18177ca7
- SSDEEP
  
  6144:RoX0oZ+rm/OV6ZH7XYuB4xpuMadbr2X3f+gOkXdhFr:Ry0xrm/h7XYuWCMaV2XWgO8hFr
Score

10^/10

systembc discovery trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

systembcdiscoverytrojan

behavioral2

systembcdiscoverytrojan