SecuriteInfo.com.Trojan.Siggen12.2497.1023.exe

Status: finished
Submission Time: 2021-02-23 17:20:22 +01:00
Malicious
Trojan
Evader

Details

  • Analysis ID: 356833
  • API (Web) ID: 615643
  • Analysis Started: 2021-02-23 17:33:21 +01:00
  • Analysis Finished: 2021-02-23 17:40:03 +01:00
  • MD5: 9e74c1841ab5ec50dd43819aaba20c0b
  • SHA1: d37d7026c09dc6d93fd01dc90d7a224d22dca168
  • SHA256: d367eca88434cb310aad91f251c9baa7d11fcd2ffd2c0f0cbb35595445a27698

Joe Sandbox

Detection: malicious
Score: 100
System: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01

Third Party Analysis Engines

malicious
Score: 38/71
malicious
Score: 17/29
malicious
malicious

IPs

IP               Country               Detection
88.99.66.31      Germany
104.23.98.190    United States
94.103.94.2      Russian Federation

Domains

Name            IP               Detection
iplogger.org    88.99.66.31
pastebin.com    104.23.98.190

URLs


Dropped files

Name: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Trojan.Siggen12.2497.1023.exe.log
File Type: ASCII text, with CRLF line terminators