systembc | 24e83878304744562f8426b7b444026c03b0941807c0ad35993ff9f75ce85811 | Triage

Sharing

General

Target

df903c620508011ca8eb2aaaf9712a526b31a12c800b856cd524ebb3fde854b2.zip
Size

7KB
Sample

241001-qmgsws1fpm
MD5

a77f56bdf12ed4edcb576934d931a308
SHA1

8d09f537291c647d29821248bda41f43cb8f5da0
SHA256

24e83878304744562f8426b7b444026c03b0941807c0ad35993ff9f75ce85811
SHA512

8718f9cf42e7593833b124798e95114bc8dec8c478662f83c1de1248b29485bdc522a51e24e09df0eaa62644345b0145c28c7128ea7712676367633a6213f797
SSDEEP

192:X5G649SPMr0vCSpqZ0HYA4lCEVJrdkgcRAlEqv7EDb/+gvq:JGp9CMOCSpqSH4lZzrdkqlE/+Yq

Score

10^/10

systembc discovery persistence

Malware Config

Extracted

Family

systembc

C2

94.232.46.202:4321

192.168.1.28:4321

Targets

- Target
  
  df903c620508011ca8eb2aaaf9712a526b31a12c800b856cd524ebb3fde854b2
- Size
  
  15KB
- MD5
  
  97b70e89b5313612a9e7a339ee82ab67
- SHA1
  
  f164332a0103c4ea21fb4f922f73078b565190e7
- SHA256
  
  df903c620508011ca8eb2aaaf9712a526b31a12c800b856cd524ebb3fde854b2
- SHA512
  
  cdcb80a964036a36fcf532271502d452e8b6cb90d9e528df46c417a40f3bb2e1dba8758c8264547d1ab377f405645b4b4617098aa3fb7096e20cf5ac25bb28e6
- SSDEEP
  
  384:8/wK8VcHXC3pA/ZbdrJXNcQbvZWXhphZBZKICmo:se2XJBbxJXZchph5/CX
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence