systembc | 1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127 | Triage

Sharing

General

Target

1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127.dll
Size

655KB
Sample

241002-lh65rsyglp
MD5

7cbf2951f13cd54abd951b1d289e2655
SHA1

d345e1d251714508a28544dc00e5950b05116ce1
SHA256

1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127
SHA512

773cc4fdf347454181173305ac5df67ed829f918411d3234ad4be33a6f2cf6fd142ef9c64ab18ac2fba64acf29b667f17ba1d3b4fc8fad39c9c0f2c580e45652
SSDEEP

12288:5VM1TXEY93cdWFnQyS94SjU3u8nTef/TUKo9vy0lg3BJhRbignDYy+z:jMJ0Y6dWJQyS/jj8nTefLUKEyGK/PMr

Score

10^/10

systembc discovery trojan

Malware Config

Extracted

Family

systembc

C2

38.132.122.161:443

Targets

- Target
  
  1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127.dll
- Size
  
  655KB
- MD5
  
  7cbf2951f13cd54abd951b1d289e2655
- SHA1
  
  d345e1d251714508a28544dc00e5950b05116ce1
- SHA256
  
  1845a910dcde8c6e45ad2e0c48439e5ab8bbbeb731f2af11a1b7bbab3bfe0127
- SHA512
  
  773cc4fdf347454181173305ac5df67ed829f918411d3234ad4be33a6f2cf6fd142ef9c64ab18ac2fba64acf29b667f17ba1d3b4fc8fad39c9c0f2c580e45652
- SSDEEP
  
  12288:5VM1TXEY93cdWFnQyS94SjU3u8nTef/TUKo9vy0lg3BJhRbignDYy+z:jMJ0Y6dWJQyS/jj8nTefLUKEyGK/PMr
Score

10^/10

systembc discovery trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcdiscoverytrojan

behavioral2

systembcdiscoverytrojan