General

  • Target

    Trigon Evo 2_XH-7z91.exe

  • Size

    2.6MB

  • Sample

    221124-nqlvxaec9s

  • MD5

    174444da2c90ae775cccae2ec9e938a3

  • SHA1

    d8aa73d11f3f111ed528d8010f00cc9014169b66

  • SHA256

    b587860551197fa81a095d121c595d08cbf8f3938f04a6d40a841b8b1a67c826

  • SHA512

    920f2aaa1ee3c84e932e71364c340561a513264393eceadc6eda19796b0f6b9c6e2f387f23f52755d42cdc716498f21e80833b2f90cb6e39a1b882d4636b3c77

  • SSDEEP

    49152:+qe3f6aWzD7+H98AHaCfu6DHCL+WuTmuKwEx:vSi/D7E9vBumHCK5NKXx

Score
8/10

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application
