General
-
Target
SecuriteInfo.com.Trojan.Siggen18.23529.6748.25064
-
Size
2.1MB
-
Sample
220712-ya8d3sdbhm
-
MD5
e12a6196b7111c16b714203901bc04df
-
SHA1
964d35b27808d800a5ce11561786de6a2d8af0b1
-
SHA256
a97feddf4e0e68b4fd86b4643babcc7b799c54f08724cf4fcfd1038e918ebff0
-
SHA512
6dfb722593ff5b56c3b3852225aebb1797f947e9baa26a644c500bdbcb664e77b60866430e19c1ea2f2881947a999696870d081baa25a035021ec21b456eb2a7
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Siggen18.23529.6748.exe
Resource
win7-20220414-en
Malware Config
Extracted
bitrat
1.38
godfavor.duckdns.org:2349
-
communication_password
81dc9bdb52d04dc20036dbd8313ed055
-
tor_process
tor
Targets
-
Target
SecuriteInfo.com.Trojan.Siggen18.23529.6748.25064
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext