Analysis
-
max time kernel
141s -
max time network
30s -
platform
windows7_x64 -
resource
win7-20230220-en -
resource tags
arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system -
submitted
17-03-2023 05:51
Behavioral task
behavioral1
Sample
8804d34b7cf7bd2fc6e20c0dc27da287cee9fccbc52a5630c4752f9cfc6d6cd0.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
8804d34b7cf7bd2fc6e20c0dc27da287cee9fccbc52a5630c4752f9cfc6d6cd0.exe
Resource
win10v2004-20230220-en
General
-
Target
8804d34b7cf7bd2fc6e20c0dc27da287cee9fccbc52a5630c4752f9cfc6d6cd0.exe
-
Size
1.1MB
-
MD5
1cd4ab809fb2a9eebb801ab9c9d4a545
-
SHA1
ce4f4ba93ec1adf8b5c3bac8552fbafd8dcddf27
-
SHA256
8804d34b7cf7bd2fc6e20c0dc27da287cee9fccbc52a5630c4752f9cfc6d6cd0
-
SHA512
db0476d3193a89104c116805eb34be5ea46774d77745b1e1ecfe48ec5a573e96150e9e48fcd630384c9bb88847ef12b46bd124b4b8ef1a072be4c1b319a76264
-
SSDEEP
12288:CU5s41o+T7VmjE2Tz23vxO3jWhn370VPWJFwBybD3Y5WrxqnuskDq4:t5swNmjEoujhn3wVPWJFwEQWV+u75
Malware Config
Signatures
-
Detects Trigona ransomware 3 IoCs
Processes:
resource yara_rule
behavioral1/memory/2032-54-0x0000000000400000-0x0000000000526000-memory.dmp family_trigona
behavioral1/memory/2032-55-0x0000000000400000-0x0000000000526000-memory.dmp family_trigona
behavioral1/memory/2032-56-0x0000000000400000-0x0000000000526000-memory.dmp family_trigona
-
Trigona
A ransomware first seen at the beginning of 2022.