3076085673f5f93b3ef64f04e4e587e719953d98e64f1e742c49d523174d7afa | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...59.exe

windows7_x64

SecuriteIn...59.exe

windows10_x64

3

Sharing

General

Target

SecuriteInfo.com.Trojan.Siggen9.59975.21351.8159
Size

598KB
Sample

200718-w7awqamt6a
MD5

e62a0fea15fbb5d5fc093ca8538ff1e9
SHA1

7564946dff12bb62896695f384c9faba422454a3
SHA256

3076085673f5f93b3ef64f04e4e587e719953d98e64f1e742c49d523174d7afa
SHA512

623651d886eccf742881f6d3c00a8bb6041eed8d7fe594670fcc835700e400078eb5c53f9a2e855bce805e407b747058610acb897ce7a6e786dd55e05ddb476d

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Trojan.Siggen9.59975.21351.8159.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.Trojan.Siggen9.59975.21351.8159.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Trojan.Siggen9.59975.21351.8159
- Size
  
  598KB
- MD5
  
  e62a0fea15fbb5d5fc093ca8538ff1e9
- SHA1
  
  7564946dff12bb62896695f384c9faba422454a3
- SHA256
  
  3076085673f5f93b3ef64f04e4e587e719953d98e64f1e742c49d523174d7afa
- SHA512
  
  623651d886eccf742881f6d3c00a8bb6041eed8d7fe594670fcc835700e400078eb5c53f9a2e855bce805e407b747058610acb897ce7a6e786dd55e05ddb476d
Score

10^/10
- Contains code to disable Windows Defender
  A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy