General

Target: SecuriteInfo.com.Trojan.Siggen9.58278.1608.27264
Size: 156KB
Sample: 200713-dxzebr44pa
MD5: 581a4343d97bbf1d1b469eb319b073da
SHA1: a041f3b37ddf8942b51ff37a17cdf6321206804a
SHA256: e124c62a8b363a4caa224e3bf91366fe8d578672d58ab63803b57af2fc83073c
SHA512: 7163f88d7856e0ccc038afa54af19297664259519505af09a54fc45ac9ffa21f1a6397b6448a157c2251b163df92af98dcec52e4af02ad6a37df6a778b7bb661
Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.Trojan.Siggen9.58278.1608.27264.exe
  Resource: win7
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.Trojan.Siggen9.58278.1608.27264.exe
  Resource: win10v200430
Malware Config

Extracted from: \??\M:\Boot\cs-CZ\Read_Me.txt
Contact URLs (Tor hidden services) found in the file:
http://7rzpyw3hflwe2c7h.onion/?VVVVVVVV
http://helpqvrg3cc5mvb3.onion/
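As an added example, not part of the sandbox report, the following Python helper checks a local file against the four digests listed above and pulls the .onion contact URLs out of a dropped note. The ransom-note text embedded in it is constructed for the example; only its two URLs and the digests are taken from the report.

```python
"""Triage helper for the report above (added example, not the sandbox's code).

Assumptions: REPORTED holds the digests printed in the report; SAMPLE_NOTE is a
constructed note body whose only real content is the report's two .onion URLs.
"""
import hashlib
import re

# Digests reported for the sample (copied from the report).
REPORTED = {
    "md5": "581a4343d97bbf1d1b469eb319b073da",
    "sha1": "a041f3b37ddf8942b51ff37a17cdf6321206804a",
    "sha256": "e124c62a8b363a4caa224e3bf91366fe8d578672d58ab63803b57af2fc83073c",
    "sha512": "7163f88d7856e0ccc038afa54af19297664259519505af09a54fc45ac9ffa21f"
              "1a6397b6448a157c2251b163df92af98dcec52e4af02ad6a37df6a778b7bb661",
}

# v2 onion addresses are exactly 16 base32 characters (a-z, 2-7) before ".onion";
# the optional path keeps query strings such as "/?VVVVVVVV" attached to the host.
ONION_RE = re.compile(r"https?://[a-z2-7]{16}\.onion(?:/[^\s\"'<>]*)?", re.I)


def digests(data: bytes) -> dict:
    """Compute the four digests the report lists, as lower-case hex."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, reported: dict = REPORTED) -> dict:
    """Compare every digest of `data` with the report; returns a verdict per algorithm.

    All four must agree before a local file is treated as the reported sample:
    a single mismatch means a different file (or a typo in the report).
    """
    computed = digests(data)
    return {name: computed[name] == reported[name].lower() for name in reported}


def extract_onions(note_text: str) -> list:
    """Return the unique .onion URLs in a note body, in first-seen order."""
    found = []
    for m in ONION_RE.finditer(note_text):
        url = m.group(0)
        if url not in found:
            found.append(url)
    return found


# Constructed note body: the two URLs are the report's, the wording is made up.
SAMPLE_NOTE = """All your files are encrypted.
To get the decryptor open:
http://7rzpyw3hflwe2c7h.onion/?VVVVVVVV
or, if that site is down, http://helpqvrg3cc5mvb3.onion/
Do not rename files."""


if __name__ == "__main__":
    print(extract_onions(SAMPLE_NOTE))
    # A file you actually hold would be read with open(path, "rb").read();
    # an empty buffer demonstrates the negative case (all four digests differ).
    print(matches_report(b""))
```

Run it against a real candidate file by passing `open(path, "rb").read()` to `matches_report`; treat anything short of four `True` verdicts as "not this sample". The regex is deliberately tight to 16-character v2 addresses because both URLs in the report are of that form; widen it to `{56}` as well if you expect v3 addresses in other notes.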
Targets

Target: SecuriteInfo.com.Trojan.Siggen9.58278.1608.27264 (156KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
Score: 10/10

Signatures:
- Modifies Installed Components in the registry
- Drops startup file
- Reads user/profile data of web browsers
  Info-stealers commonly harvest stored browser data, which can include saved credentials.
- Drops desktop.ini file(s)
- Enumerates connected drives
- Modifies service
- Suspicious use of SetThreadContext (an API commonly used for process hollowing and thread-hijacking injection)