Focus on DroxiDat/SystemBC – GIXtools
Tags
Common Information
| Type | Value |
|---|---|
| UUID | c9517cd9-b17b-4ba3-885f-2c861d83db7f |
| Fingerprint | 7102419fa91a60e |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 10, 2023, 11 a.m. |
| Added to db | Aug. 13, 2023, 2:05 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Focus on DroxiDat/SystemBC |
| Title | Focus on DroxiDat/SystemBC – GIXtools |
| Detected Hints/Tags/Attributes | 85/2/30 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://gixtools.net/2023/08/focus-on-droxidat-systembc/ |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 162 | ✔ | — | https://media.cert.europa.eu/rss?type=category&id=APTFilter&language=en&duplicates=false | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | powersupportplan.com |
|
| Details | Domain | 4 | epowersoftware.com |
|
| Details | File | 4 | syscheck.exe |
|
| Details | File | 1 | perflogssyscheck.exe |
|
| Details | File | 1208 | powershell.exe |
|
| Details | File | 1 | perflogshos.exe |
|
| Details | File | 1 | perflogssvch.dll |
|
| Details | File | 2 | rs.css |
|
| Details | File | 1 | perflogsa.dll |
|
| Details | File | 1 | perflogshost.exe |
|
| Details | File | 1 | perflogshostt.exe |
|
| Details | File | 1 | perflogssvchoct.dll |
|
| Details | File | 1 | perflogsadminsvcpost.dll |
|
| Details | File | 1 | perflogsadminsyscheck.exe |
|
| Details | File | 1 | perflogssk64.dll |
|
| Details | File | 1 | perflogsclinic.exe |
|
| Details | md5 | 4 | 8d582a14279920af10d37eae3ff2b705 |
|
| Details | md5 | 3 | 1957deed26c7f157cedcbdae3c565cff |
|
| Details | md5 | 4 | 19567b140ae6f266bac6d1ba70459fbd |
|
| Details | sha1 | 4 | f98b32755cbfa063a868c64bd761486f7d5240cc |
|
| Details | sha1 | 3 | be9e23e56c4a25a8ea453c093714eed5e36c66d0 |
|
| Details | sha1 | 4 | fd9016c64aea037465ce045d998c1eead3971d35 |
|
| Details | sha256 | 3 | a00ca18431363b32ca20bf2da33a2e2704ca40b0c56064656432afd18a62824e |
|
| Details | sha256 | 2 | 926fcb9483faa39dd93c8442e43af9285844a1fbbe493f3e4731bbbaecffb732 |
|
| Details | sha256 | 3 | a002668f47ff6eb7dd1b327a23bafc3a04bf5208f71610960366dfc28e280fe4 |
|
| Details | IPv4 | 4 | 93.115.25.41 |
|
| Details | IPv4 | 3 | 192.168.1.28 |
|
| Details | IPv4 | 4 | 179.60.146.6 |
|
| Details | IPv4 | 4 | 194.165.16.63 |
|
| Details | Threat Actor Identifier - FIN | 42 | FIN12 |