Extracted

• • Target

    file.exe

  • Size

    1.2MB

  • MD5

    85ef87a0ec19c2b0040d09903af3bf95

  • SHA1

    c5c2cec3ccaf8e6893aac8e426d2c665110dc257

  • SHA256

    51182d0c1b3a9945b6d771bbeb03ac4f829fda788f7f80fe9a09a1a7f77c90c8

  • SHA512

    2342f2b3ad9c61284e4ca1ef815681a735422159872c10ccb21e44b9504cb746b64654a03235a9729e9cf9927f1bf4f86a6b0fcc4d5bf7e4cd999e696641159f

  • SSDEEP

    24576:An2puiGIDavIN67TWtK53yUFQFLUHwvoBBNnqRE9uPE3gt/iBi63U:7uUDawN6GksVMwvOqyucQtKBii

  Score

  10^/10

  discoverysystembctrojan

  • Suspicious use of NtCreateUserProcessOtherParentProcess

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc

  • Systembc family

    systembc

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Suspicious use of SetThreadContext

  behavioral1behavioral2