General
Target: SecuriteInfo.com.Trojan.PWS.Siggen2.61833.4196.20708
Size: 1.9MB
Sample: 210311-s7m88k1aw6
MD5: c7df9293a3b926e11a4ede7aeedd5c58
SHA1: 86ccae3e5b2b67b6d6758554ea57cbd4d66be034
SHA256: 07967e861e991eabea5649e7e6de840028a2b217d2a9f354315c9b8f25e34068
SHA512: 7f308d46f30b7197955e522afdaa508f7e302cb5525c33dae4f27eff56f3b20c618763ee68516c745d6ec4e94a356b043c2ccbd47e20badeccb904f2d4b785ba
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Trojan.PWS.Siggen2.61833.4196.20708.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Trojan.PWS.Siggen2.61833.4196.20708.exe
Resource: win10v20201028
Malware Config
Extracted
raccoon
aef61793e586ca15c24106ac17a2a83a30fb0a25
url4cnc: https://tttttt.me/h_scroogenews_1
Targets
Target: SecuriteInfo.com.Trojan.PWS.Siggen2.61833.4196.20708
Executes dropped EXE
Loads dropped DLL
Suspicious use of SetThreadContext