systembc | a2379c7d2d9e767c1706f3c330c833bbec70f25cbfb119f0c066f57305a6bd5e | Triage

Sharing

General

Target

48126ab9186274b12b830d906caa78ac_JaffaCakes118
Size

201KB
Sample

241015-qp27ls1cjp
MD5

48126ab9186274b12b830d906caa78ac
SHA1

ef83558edce4af8d3598db67a4d40bf629b3cfd1
SHA256

a2379c7d2d9e767c1706f3c330c833bbec70f25cbfb119f0c066f57305a6bd5e
SHA512

ab3c8542d780d2e6dcecbbae6a92ec168ac1f8fd16d24a35872043f23f952269f9bbfa53ae79f038aeeb2734e66eba9d47e5701a77e90ac0ada4e968f532bdb0
SSDEEP

1536:Nw8uOqQ5oie5XEsS7BPgnbp23kYXuPhJ5+GFg1VNJ3iK6UVkqnJd1SjkloYMIF:Nw8vqBiIuBqJ5ZkrJ3iUpnOLY

Score

10^/10

systembc discovery trojan

Malware Config

Extracted

Family

systembc

C2

188.68.208.172

reserve-domain.com

Attributes

dns
5.132.191.104

Targets

- Target
  
  48126ab9186274b12b830d906caa78ac_JaffaCakes118
- Size
  
  201KB
- MD5
  
  48126ab9186274b12b830d906caa78ac
- SHA1
  
  ef83558edce4af8d3598db67a4d40bf629b3cfd1
- SHA256
  
  a2379c7d2d9e767c1706f3c330c833bbec70f25cbfb119f0c066f57305a6bd5e
- SHA512
  
  ab3c8542d780d2e6dcecbbae6a92ec168ac1f8fd16d24a35872043f23f952269f9bbfa53ae79f038aeeb2734e66eba9d47e5701a77e90ac0ada4e968f532bdb0
- SSDEEP
  
  1536:Nw8uOqQ5oie5XEsS7BPgnbp23kYXuPhJ5+GFg1VNJ3iK6UVkqnJd1SjkloYMIF:Nw8vqBiIuBqJ5ZkrJ3iUpnOLY
Score

10^/10

systembc discovery trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcdiscoverytrojan

behavioral2

systembcdiscoverytrojan