HOMETHREATSSystemBC
MALWARE FAMILY

SystemBC

Internal ID: win.systembc
1
aliases
Last seen:Mar 17, 2026

Intelligence Profile

SystemBC is a multiplatform proxy malware active since August 2019. It creates SOCKS5 network tunnels in the victim’s network and connects to its C2 server using a custom, RC4-encrypted protocol. It can also download and execute additional malware, with payloads either written to disk or mapped into memory. The SystemBC kit, including the C2 panel, server, and malware executables, is sold in underground forums.

Threat Analysis

SystemBC is a malware family tracked by threat intelligence researchers and catalogued in the Malpedia dataset. It represents a distinct malicious software lineage with identifiable code characteristics, behaviors, and victimology.

External References

Quick Facts

TypeMalware Family
Aliases1

Also Known As

win.systembc

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.
SystemBC — Malware Family | Threat Intelligence | CTIWATCH.COM