SecuriteInfo.com.Trojan.Siggen12.2497.1023.exe

Status: finished

Submission Time: 23.02.2021 17:20:22

Malicious

Trojan

Evader

Comments

Tags

Details

Analysis ID:
356833
API (Web) ID:
615643
Analysis Started:

23.02.2021 17:33:21
Analysis Finished:

23.02.2021 17:40:03
MD5:
9e74c1841ab5ec50dd43819aaba20c0b
SHA1:
d37d7026c09dc6d93fd01dc90d7a224d22dca168
SHA256:
d367eca88434cb310aad91f251c9baa7d11fcd2ffd2c0f0cbb35595445a27698
Technologies:

Engines
IOCs

Full Report	Management Report	IOC Report	Engine	Info	Verdict	Score	Reports

		New		System: Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211		100/100
						38/71
						17/29

IPs

IP	Country	Detection
88.99.66.31	Germany
104.23.98.190	United States
94.103.94.2	Russian Federation

Domains

Name	IP	Detection
iplogger.org	88.99.66.31
pastebin.com	104.23.98.190

URLs

Name	Detection
http://94.103.94.2/gucci.exe
http://94.103.94.2/tnf.exe
http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt0#
Click to see the 14 hidden entries
http://iplogger.org
https://sectigo.com/CPS0
https://pastebin.com/raw/ZdmQ9Ych
http://crl.thawte.com/ThawteTimestampingCA.crl0
http://ocsp.sectigo.com0
http://94.103.94.2
http://94.103.94.24
http://ocsp.thawte.com0
https://pastebin.com/raw/ZdmQ9YchT
https://pastebin.com/raw/LpGZbDTX
https://iplogger.org/1nzde7
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
https://iplogger.org
https://pastebin.com

Dropped files

Name	File Type	Hashes	Detection
C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\SecuriteInfo.com.Trojan.Siggen12.2497.1023.exe.log	ASCII text, with CRLF line terminators	#