General

  • Target

    2024-10-13_422ebc5203d2a74ff0c73f08d581c3a0_mafia

  • Size

    459KB

  • Sample

    241013-cm59layamr

  • MD5

    422ebc5203d2a74ff0c73f08d581c3a0

  • SHA1

    752b86b58860377d0ed1f9570b1ed1324d3c4f2e

  • SHA256

    c69ab262ac3f73277c4b9a777a408f57feb618e2e00bc2e66e8d97274083c742

  • SHA512

    9313b1b0c3421e1825fde593bdb3cae293931d6ce8c241fa11ccc67305e16a357cf9256f37cb9ae505697edbce63444f3b3917be86d780b4f9c29baba37b1264

  • SSDEEP

    12288:ztBTQkfHSxBcu/Jdxq0rNIQ23nGbEbOKKSsMDxACqUBd:AMu/M0rWQ23nGsUSfDxAl

Malware Config

Extracted

Family

systembc

C2

212.232.22.140:443

Targets

    • Target

      2024-10-13_422ebc5203d2a74ff0c73f08d581c3a0_mafia

    • SystemBC

      SystemBC is a proxy and remote administration tool first seen in 2019.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15
