Alias Description | Votes |
---|---|
Droxidat is a possible alias for Systembc. DroxiDat, a new variant of the SystemBC malware, was deployed in a series of attacks on critical infrastructure targets in Africa during the third and fourth weeks of March. The malware, which acts as a system profiler and simple SOCKS5-capable bot, was specifically detected at an electric utility c | 4 |
Coroxy is a possible alias for Systembc. Coroxy is a multifaceted malware, also known as SystemBC, DroxiDat, or Proxy, that serves as a backdoor and remote access tool (RAT), adapting to the requirements of attackers. It has been associated with the Play ransomware group, and its infection chain includes various tools such as PsExec, NetSc | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Smokeloader Malware is associated with Systembc. SmokeLoader is a malicious software (malware) that acts as a loader for other malware, injecting malicious code into the currently running explorer process and downloading additional payloads to the system. It has been used in conjunction with Phobos ransomware by threat actors who exploit its funct | Unspecified | 3 |
The Hijackloader Malware is associated with Systembc. HijackLoader is a new and rapidly growing malware in the cybercrime community, designed to exploit and damage computer systems. This malicious software infects systems through suspicious downloads, emails, or websites, often unbeknownst to the user. Once infiltrated, HijackLoader can steal personal | Unspecified | 2 |
The IcedID Malware is associated with Systembc. IcedID is a malicious software (malware) that has been implicated in numerous cybercrime campaigns. It has been associated with other notable malware such as Qakbot, BazarLoader, CobaltStrike, Conti, Gozi, Trickbot, Quantum, Emotet, Pikabot, and SystemBC. Its distribution often involves the use of d | Unspecified | 2 |
The Pikabot Malware is associated with Systembc. Pikabot is a malicious software (malware) that has been used extensively by various threat groups to exploit and damage computer systems. Initially, the BlackBasta group used phishing and vishing to deliver malware types such as DarkGate and Pikabot but quickly sought alternatives for further malici | Unspecified | 2 |
The Black Basta Malware is associated with Systembc. Black Basta is a notorious malware group known for its sophisticated ransomware attacks, which have targeted numerous high-profile entities. The group has demonstrated a remarkable ability to adapt their tactics, techniques, and procedures (TTPs), allowing them to effectively evade security defenses | Unspecified | 2 |
The Vidar Malware is associated with Systembc. Vidar is a malicious software (malware) that primarily targets Windows systems, written in C++ and based on the Arkei stealer. It has historically been favored by threat actors who sell logs through marketplaces like 2easy, alongside other infostealers such as Raccoon, RedLine, and AZORult. The malw | Unspecified | 2 |
The Redline Stealer Malware is associated with Systembc. The RedLine Stealer is a formidable malware that specializes in stealthily stealing credentials and sensitive information. First documented in 2020, it has since evolved to use the Windows Communication Foundation (WCF) framework and later a REST API for network communication. This malware infects s | Unspecified | 2 |
The Amadey Malware is associated with Systembc. Amadey is a malicious software (malware) that has been known since 2018 and is notorious for stealing credentials from popular browsers and various Virtual Network Computing (VNC) systems. The malware, which is often sold in underground forums, uses sophisticated techniques to infect systems, includ | Unspecified | 2 |
Alias Description | Association Type | Votes |
---|---|---|
The Pistachio Tempest Threat Actor is associated with Systembc. Pistachio Tempest, also known as FIN12, is a threat actor that has been identified as a significant cybersecurity risk, particularly to the healthcare industry. According to a report by the U.S. Department of Health and Human Services (HHS) in 2022, this group has specifically targeted healthcare en | Unspecified | 2 |
The Rhysida Threat Actor is associated with Systembc. Rhysida is a globally active threat actor known for its ransomware operations, which have impacted a wide range of sectors, particularly the government and public sector. Their use of CleanUpLoader makes their operations highly effective and difficult to detect, as it not only facilitates persistenc | Unspecified | 2 |
The Vice Society Threat Actor is associated with Systembc. Vice Society, a threat actor or hacking team with malicious intent, has been active since 2022 and has made significant waves in the cybersecurity world. The group is known for deploying various forms of ransomware, including BlackCat, Quantum Locker, Zeppelin, and their own branded variant of Zeppe | Unspecified | 2 |
The FIN12 Threat Actor is associated with Systembc. FIN12, also known as DEV-0237 and Pistachio Tempest, is a threat actor group notorious for its malicious cyber activities. Tracked by Microsoft, this group is primarily engaged in the distribution of Hive, Conti, and Ryuk ransomware. The group has been responsible for several high-profile ransomware | Unspecified | 2 |
Preview | Source Link | CreatedAt | Title |
---|---|---|---|
Securelist | a month ago | ||
Securityaffairs | 2 months ago | ||
BankInfoSecurity | 3 months ago | ||
Trend Micro | 4 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 4 months ago | ||
Securityaffairs | 7 months ago | ||
DARKReading | 9 months ago | ||
CrowdStrike | 9 months ago | ||
CERT-EU | 10 months ago | ||
CERT-EU | 10 months ago | ||
Securityaffairs | 10 months ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
CERT-EU | a year ago | ||
Malwarebytes | a year ago | ||
CISA | a year ago | ||
CERT-EU | a year ago | ||
Securelist | a year ago | ||
CERT-EU | a year ago |