Malware
SystemBC
aka Coroxy · DroxiDat
SystemBC is a multiplatform proxy malware active since August 2019.
SystemBC, also known as Coroxy, DroxiDat, is a Windows malware family operated by Vanilla Tempest.
Background
SystemBC is a cross-platform proxy malware that has been in circulation since August 2019. It establishes SOCKS5 tunnels within the victim's network and reaches its C2 server over a custom protocol encrypted with RC4. Beyond proxying, it can fetch and run further malware, dropping payloads to disk or mapping them straight into memory. The full SystemBC package, comprising the C2 panel, server, and malware executables, is offered for sale on underground forums.
Source: Malpedia (Fraunhofer FKIE).