systembc | 399d335502736eef61d1377630acc60bc88d5857e13a4500e3175a0a70dd1152 | Triage

Submit
Reports

Overview

overview

Static

static

3

5d57aaeb13...0N.exe

windows7-x64

5d57aaeb13...0N.exe

windows10-2004-x64

Sharing

General

Target

5d57aaeb136d7e63d4a390c0a031f300N.exe
Size

1.0MB
Sample

240821-z7a1hsvelj
MD5

5d57aaeb136d7e63d4a390c0a031f300
SHA1

91dfc3a88b14597d0834451df07bd4af7716c7b3
SHA256

399d335502736eef61d1377630acc60bc88d5857e13a4500e3175a0a70dd1152
SHA512

b1f1e437e6df82a0429c0c8467b8b221c10284bc423555d2e025224c2e8deb7af468573a9202d599bc914e1b143c841d65178e09d2a0e4fadd1e030a6a92c78c
SSDEEP

6144:X9mI/A/bpCQqR5yqL5pbqD8T/ruThC711qC711f:X9ro/4QqLrqDC/ru8PDPf

Score

10^/10

systembc discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5d57aaeb136d7e63d4a390c0a031f300N.exe

Resource

win7-20240708-en

systembc discovery trojan

windows7-x64

8 signatures

120 seconds

Behavioral task

behavioral2

Sample

5d57aaeb136d7e63d4a390c0a031f300N.exe

Resource

win10v2004-20240802-en

systembc discovery trojan

windows10-2004-x64

8 signatures

120 seconds

Malware Config

Extracted

Family

systembc

C2

yan0212.com:4039

yan0212.net:4039

Targets

- Target
  
  5d57aaeb136d7e63d4a390c0a031f300N.exe
- Size
  
  1.0MB
- MD5
  
  5d57aaeb136d7e63d4a390c0a031f300
- SHA1
  
  91dfc3a88b14597d0834451df07bd4af7716c7b3
- SHA256
  
  399d335502736eef61d1377630acc60bc88d5857e13a4500e3175a0a70dd1152
- SHA512
  
  b1f1e437e6df82a0429c0c8467b8b221c10284bc423555d2e025224c2e8deb7af468573a9202d599bc914e1b143c841d65178e09d2a0e4fadd1e030a6a92c78c
- SSDEEP
  
  6144:X9mI/A/bpCQqR5yqL5pbqD8T/ruThC711qC711f:X9ro/4QqLrqDC/ru8PDPf
Score

10^/10

systembc discovery trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Uses Tor communications
  Malware can proxy its traffic through Tor for more anonymity.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Proxy

Exfiltration

Impact

Tasks

static1

behavioral1

systembcdiscoverytrojan

behavioral2

systembcdiscoverytrojan

© 2018-2024

Terms | Privacy