systembc | 8b862b5b0e4fdb4d398055c790a8846089b53ee47ce605efd3198426e4edaf4c | Triage

Sharing

General

Target

JaffaCakes118_8b862b5b0e4fdb4d398055c790a8846089b53ee47ce605efd3198426e4edaf4c
Size

698.1MB
Sample

241224-31h94a1mew
MD5

4ecaa168b95dd762fdcaea1b47b2a112
SHA1

962137afc085b16a55a44bbf6a3d62b2b3d6a6ee
SHA256

8b862b5b0e4fdb4d398055c790a8846089b53ee47ce605efd3198426e4edaf4c
SHA512

445b456ee8456695c75ed46ac65f65d4fb91fae59f05f6d9ed6f98123300aa9a354d19299e17e0a58348db000a9860538066be8fc7ee316ec59dda4ff832d0a5
SSDEEP

49152:WbGala7PGeJAyPjmSE83wQ52Ah1aYIziFbJATz9RJv5gns6hjVDmivym:NaleMyBfHqzR6dVDmivym

Score

10^/10

systembc discovery trojan

Malware Config

Extracted

Family

systembc

C2

185.209.30.138:4127

192.168.1.149:4127

Targets

- Target
  
  JaffaCakes118_8b862b5b0e4fdb4d398055c790a8846089b53ee47ce605efd3198426e4edaf4c
- Size
  
  698.1MB
- MD5
  
  4ecaa168b95dd762fdcaea1b47b2a112
- SHA1
  
  962137afc085b16a55a44bbf6a3d62b2b3d6a6ee
- SHA256
  
  8b862b5b0e4fdb4d398055c790a8846089b53ee47ce605efd3198426e4edaf4c
- SHA512
  
  445b456ee8456695c75ed46ac65f65d4fb91fae59f05f6d9ed6f98123300aa9a354d19299e17e0a58348db000a9860538066be8fc7ee316ec59dda4ff832d0a5
- SSDEEP
  
  49152:WbGala7PGeJAyPjmSE83wQ52Ah1aYIziFbJATz9RJv5gns6hjVDmivym:NaleMyBfHqzR6dVDmivym
Score

10^/10

systembc discovery trojan
- SystemBC
  SystemBC is a proxy and remote administration tool first seen in 2019.
  trojan systembc
- Systembc family
  systembc
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

systembcdiscoverytrojan

behavioral2

systembcdiscoverytrojan