General
Target: SecuriteInfo.com.BackDoor.Siggen2.247.25159.15326
Size: 2.3MB
Sample: 210223-37knvjytjj
MD5: 5b60d41bd93869e36d90775be1ae7830
SHA1: d3c63b6d2f389c25071ab7bfee6370ae3e11f7d8
SHA256: 4fd202b93cc2d13fbf7ca7de657a4c1e2f979a027bc49600604720ff5588f5a0
SHA512: 230489316593278d53dc360216185c321604dc61ae6dc699afcec3d2f739b04559d2854f8460e0fdb9f1ab1dc713d237b050828c16a57cad0bf50f1de65e460c
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.BackDoor.Siggen2.247.25159.15326.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: SecuriteInfo.com.BackDoor.Siggen2.247.25159.15326.exe
Resource: win10v20201028
Malware Config
Extracted
raccoon
6bbb1ff45f4a7a29bea0350b103adad3e7f6df63
-
url4cnc
https://tttttt.me/jojmalbec
Targets
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Blocklisted process makes network request
-