systembc | svc[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

svc.dll
Size

12.8MB
MD5

0aa05ebc3b6667954898cfccc4057600
SHA1

c59cbd309b3393cb08a1133364ed11000fdd418d
SHA256

44cf04192384e920215f0e335561076050129ad7a43b58b1319fa1f950f6a7b6
SHA512

d4abd9c548fa8e1e6681585b8e5375b216955ef8b621fb3a27f74e28975e8c6696df18cf96bd6e1229ad0c268877126caabc15b5849c3d401a45675aa0b2b31f
SSDEEP

393216:99pRr+jrfTxceLsf4KseXYpfkAxu7oSVVmr:7+jTTxccsfRXAWmr

Score

10^/10

systembc

Malware Config

Extracted

Family

systembc

185.236.232.20:445

192.168.1.28:445

Signatures

Systembc family
systembc

Files

svc.dll
.dll windows:5 windows x64 arch:x64

11d5f5c706a99ec2035db2fdaa4951e8

Code Sign

66:1a:e4:ba:1c:04:a6:81:4f:d1:6b:22:53:4e:5a:8d
Certificate

Issuer

CN=Pinnacle

Not Before

18-01-2024 13:33

Not After

18-01-2025 13:53

Subject

CN=Pinnacle

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

66:1a:e4:ba:1c:04:a6:81:4f:d1:6b:22:53:4e:5a:8d
Certificate

Issuer

CN=Pinnacle

Not Before

18-01-2024 13:33

Not After

18-01-2025 13:53

Subject

CN=Pinnacle

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

42:36:bb:41:3a:04:2f:55:63:c7:89:58:e1:09:c1:fd:7a:01:5f:b0:47:31:b6:ae:c3:2b:a9:fb:4a:0e:de:89
Signer

Actual PE Digest

42:36:bb:41:3a:04:2f:55:63:c7:89:58:e1:09:c1:fd:7a:01:5f:b0:47:31:b6:ae:c3:2b:a9:fb:4a:0e:de:89

Digest Algorithm

sha256

PE Digest Matches

true

4f:48:2b:70:0f:f4:52:76:6c:5f:fa:ec:5b:f6:1c:6d:1b:01:b6:b3
Signer

Actual PE Digest

4f:48:2b:70:0f:f4:52:76:6c:5f:fa:ec:5b:f6:1c:6d:1b:01:b6:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

wsprintfA

ws2_32

getaddrinfo

advapi32

GetTokenInformation

kernel32

WriteFile

secur32

GetUserNameExA

ole32

CoCreateInstance

Exports

Exports

LaunchZo

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 398B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mext0
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mext1
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mext2
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

11d5f5c706a99ec2035db2fdaa4951e8

Code Sign

66:1a:e4:ba:1c:04:a6:81:4f:d1:6b:22:53:4e:5a:8dCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

66:1a:e4:ba:1c:04:a6:81:4f:d1:6b:22:53:4e:5a:8dCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

42:36:bb:41:3a:04:2f:55:63:c7:89:58:e1:09:c1:fd:7a:01:5f:b0:47:31:b6:ae:c3:2b:a9:fb:4a:0e:de:89Signer

4f:48:2b:70:0f:f4:52:76:6c:5f:fa:ec:5b:f6:1c:6d:1b:01:b6:b3Signer

Headers

DLL Characteristics

File Characteristics

Imports

user32

ws2_32

advapi32

kernel32

secur32

ole32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 398B

.pdata Size: 512B - Virtual size: 324B

.mext0 Size: 6.6MB - Virtual size: 6.6MB

.mext1 Size: 512B - Virtual size: 144B

.mext2 Size: 6.2MB - Virtual size: 6.2MB

.reloc Size: 1024B - Virtual size: 988B

66:1a:e4:ba:1c:04:a6:81:4f:d1:6b:22:53:4e:5a:8d
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

66:1a:e4:ba:1c:04:a6:81:4f:d1:6b:22:53:4e:5a:8d
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

42:36:bb:41:3a:04:2f:55:63:c7:89:58:e1:09:c1:fd:7a:01:5f:b0:47:31:b6:ae:c3:2b:a9:fb:4a:0e:de:89
Signer

4f:48:2b:70:0f:f4:52:76:6c:5f:fa:ec:5b:f6:1c:6d:1b:01:b6:b3
Signer

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 398B

.pdata
Size: 512B - Virtual size: 324B

.mext0
Size: 6.6MB - Virtual size: 6.6MB

.mext1
Size: 512B - Virtual size: 144B

.mext2
Size: 6.2MB - Virtual size: 6.2MB

.reloc
Size: 1024B - Virtual size: 988B