Overview

overview

10

Static

static

3

6af2283337...1c.dll

windows10-ltsc 2021-x64

10

Resubmissions

06-02-2025 18:26

250206-w3fhnavkek 10

06-02-2025 18:23

250206-w1f2eavjhp 3

06-02-2025 18:18

250206-wxn8lssnbw 3

Analysis

  • max time kernel
    94s
  • max time network
    141s
  • platform
    windows10-ltsc 2021_x64
  • resource
    win10ltsc2021-20250128-en
  • resource tags

    arch:x64arch:x86image:win10ltsc2021-20250128-enlocale:en-usos:windows10-ltsc 2021-x64system
  • submitted
    06-02-2025 18:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6af2283337104fac154c26c7c55f274f4c36a231497af96f414897dfbeb6691c.dll

  • Size

    170KB

  • MD5

    bdb4ac4471357fc7aa79b5e8c25856b4

  • SHA1

    4ebafc71fff4539f27a26b00bfc6ce6cd4041ac8

  • SHA256

    6af2283337104fac154c26c7c55f274f4c36a231497af96f414897dfbeb6691c

  • SHA512

    c50ba0b2f077af0036c7f0c71010f826bd655c5aa79cfef33469975e2b6f81b69288591fddf1bddbc6e4617426a39d86f0de22cca05d51c93e8779103ac4aef5

  • SSDEEP

    3072:Accccccc9cccccccccccccccycccccccccccccccccccccccBccccccccccccccT:5kJJRhgQy

Score
10/10
systembctrojan

Malware Config

Extracted

Family

systembc

C2

38.180.80.158:4396

Signatures

  • SystemBC

    SystemBC is a proxy and remote administration tool first seen in 2019.

    trojansystembc
  • Systembc family
    systembc
  • Blocklisted process makes network request 2 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\6af2283337104fac154c26c7c55f274f4c36a231497af96f414897dfbeb6691c.dll, #4
    1⤵
    • Blocklisted process makes network request
    PID:2100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2100-0-0x000001E6FD9F0000-0x000001E6FDA08000-memory.dmp

    Filesize

    96KB

    Download

  • memory/2100-1-0x000001E6FDA20000-0x000001E6FDA26000-memory.dmp

    Filesize

    24KB

    Download