IOC pivotioc · sha-256
7DEA671BE77A2CA5772B86CF8831B02BFF0567BCE6A3AE023825AA40354F8ACA
?? · UnknownPlayconfidence · high
SHA-256 of a SystemBC malware DLL used by Play ransomware actors for SOCKS proxy / C2 traffic, listed in the June 2025 update to CISA/FBI/ACSC joint advisory AA23-352A (Table 2).
- family
- SystemBC
- first seen
- Jun 3, 2025
- publisher
- CISA