1a9fe09d5ecca17e3afe32f44d7be2230e527cfdc3a4aa7806488589ea9cb945 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Siggen22.48393.30867.31825.exe
Size

8.4MB
Sample

231224-rqphksdhhk
MD5

521efa48cc727900d66115774f2e076e
SHA1

abee3f10102e581b8f94d7092168e57c5c1e2493
SHA256

1a9fe09d5ecca17e3afe32f44d7be2230e527cfdc3a4aa7806488589ea9cb945
SHA512

e1f805f8d70fa0b2946daea1b98d99f69ec2119cf2c399d5996dc50945e2c16432b2d338d569d3487b759ed3f55d2cc788e67874698ad684cb7e82f63d312249
SSDEEP

196608:YdaS+uvUh0Fx0suEUkCpMnl8+Uy9n9/aelRMV2Q3TlEu:+axmqOx0Zcnq+fZ9/MVxTSu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Trojan.Siggen22.48393.30867.31825.exe
- Size
  
  8.4MB
- MD5
  
  521efa48cc727900d66115774f2e076e
- SHA1
  
  abee3f10102e581b8f94d7092168e57c5c1e2493
- SHA256
  
  1a9fe09d5ecca17e3afe32f44d7be2230e527cfdc3a4aa7806488589ea9cb945
- SHA512
  
  e1f805f8d70fa0b2946daea1b98d99f69ec2119cf2c399d5996dc50945e2c16432b2d338d569d3487b759ed3f55d2cc788e67874698ad684cb7e82f63d312249
- SSDEEP
  
  196608:YdaS+uvUh0Fx0suEUkCpMnl8+Uy9n9/aelRMV2Q3TlEu:+axmqOx0Zcnq+fZ9/MVxTSu
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2