General

  • Target

    SecuriteInfo.com.Trojan.PWS.Siggen2.28981.28903.1201

  • Size

    195KB

  • Sample

    210412-gpf5bnrc46

  • MD5

    5efd335c35268a27b027523a4d9e8558

  • SHA1

    ce7d1eda415f7f96bc0d1a756ad3db862751d1d0

  • SHA256

    61097d05c78d0654fa42c1a404e96526b06c657df602a8a7a2ac58e1a60b52db

  • SHA512

    f72f879b713a1ff70b8fa133737204988831bc4f0159e205f255f5bfacb15b7ed8b7d9a00518550226563825d4677dcd21bd167d40627c021fa3c590fc72639a

Malware Config

Targets

    • Arcane log file

      Detects a log file produced by the Arcane Stealer.

    • ArcaneStealer

      Arcane Stealer is a .NET information-stealing malware that is easy to acquire on the dark web.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks