systembc | 38ee04ee9d3b3912013d54483d8f822eebd0367408b369bc09f46cb339a54313 | Triage

Sharing

General

Target

38ee04ee9d3b3912013d54483d8f822eebd0367408b369bc09f46cb339a54313
Size

255KB
Sample

241112-z2l6lazqcx
MD5

f5305d6a8d8d83f4e8f65fd63fc6aff9
SHA1

966a90baf892a8d1cff1e6ba464e4c29a09b3a3c
SHA256

38ee04ee9d3b3912013d54483d8f822eebd0367408b369bc09f46cb339a54313
SHA512

49cb3f5889be0808dfee4acc1c81b194d04fa66075e1c39f52b6077ad598aac2964c74a3007191c0648f661bd16774a5c24855a801f9c767d49881f02a6c8569
SSDEEP

6144:9g28Oa0kdZDIcpA9xiNFiVg7s/LDoe+voS7g:9g3O7kj5pAh/3qvoS7g

Score

10^/10

systembc discovery persistence trojan

Malware Config

Extracted

Family

systembc

C2

mailh.org:4001

Targets

- Target
  
  38ee04ee9d3b3912013d54483d8f822eebd0367408b369bc09f46cb339a54313
- Size
  
  255KB
- MD5
  
  f5305d6a8d8d83f4e8f65fd63fc6aff9
- SHA1
  
  966a90baf892a8d1cff1e6ba464e4c29a09b3a3c
- SHA256
  
  38ee04ee9d3b3912013d54483d8f822eebd0367408b369bc09f46cb339a54313
- SHA512
  
  49cb3f5889be0808dfee4acc1c81b194d04fa66075e1c39f52b6077ad598aac2964c74a3007191c0648f661bd16774a5c24855a801f9c767d49881f02a6c8569
- SSDEEP
  
  6144:9g28Oa0kdZDIcpA9xiNFiVg7s/LDoe+voS7g:9g3O7kj5pAh/3qvoS7g
Score

10^/10

systembc discovery persistence trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Systembc family
  systembc
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcdiscoverypersistencetrojan

behavioral2

systembcdiscoverypersistencetrojan