General
-
Target
SecuriteInfo.com.Trojan.Siggen13.10810.1172.8309
-
Size
547KB
-
Sample
210421-kg4agvypln
-
MD5
acbd9fc7eb373a859ad632083defb499
-
SHA1
6360faba83a241b4c12883acbd02489457b068bd
-
SHA256
8156b58e3c433b45ab29498fe69e2a506167283f9bc09a5310a117a360ba76f0
-
SHA512
d742d5e7932a74a5451bc15b739e8ea9e12d201860008bd3b06651a691a3c4fe5dbd7b25b0899588db47949fcb212a010d9417a42697051d441df0cd12561b42
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Siggen13.10810.1172.8309.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.Siggen13.10810.1172.8309.exe
Resource
win10v20210410
Malware Config
Extracted
remcos
46.183.220.61:2404
Targets
-
-
Target
SecuriteInfo.com.Trojan.Siggen13.10810.1172.8309
-
Score
10/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-