Resubmissions

21-01-2024 14:53

240121-r9m4vsddhn 10

05-04-2023 12:55

230405-p5386seg66 10

General

  • Target

    8cbe32f31befe7c4169f25614afd1778006e4bda6c6091531bc7b4ff4bf62376

  • Size

    1.1MB

  • Sample

    230405-p5386seg66

  • MD5

    eb9fdc083164c0cead39fecaad9aafb4

  • SHA1

    19c8782165f56d4153658da5f88f9edd14ae2022

  • SHA256

    8cbe32f31befe7c4169f25614afd1778006e4bda6c6091531bc7b4ff4bf62376

  • SHA512

    c4c54de23730f5265d29372c21f4f2212a0204f9b83d7fba5dacb0578fbe9f1c95e7521ff892364253f0cd8f4cfbf5befbef387af942714eb4b1b983b0258603

  • SSDEEP

    24576:2Y5sZYIcpO4Y4w+xEjN7oQr+O+uvjx8t2mEdp:/Y4470JYj+kmEf

Malware Config

Targets

    • Target

      8cbe32f31befe7c4169f25614afd1778006e4bda6c6091531bc7b4ff4bf62376

    • Size

      1.1MB

    • MD5

      eb9fdc083164c0cead39fecaad9aafb4

    • SHA1

      19c8782165f56d4153658da5f88f9edd14ae2022

    • SHA256

      8cbe32f31befe7c4169f25614afd1778006e4bda6c6091531bc7b4ff4bf62376

    • SHA512

      c4c54de23730f5265d29372c21f4f2212a0204f9b83d7fba5dacb0578fbe9f1c95e7521ff892364253f0cd8f4cfbf5befbef387af942714eb4b1b983b0258603

    • SSDEEP

      24576:2Y5sZYIcpO4Y4w+xEjN7oQr+O+uvjx8t2mEdp:/Y4470JYj+kmEf

    • Detects Trigona ransomware

    • Trigona

      A ransomware first seen at the beginning of the 2022.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v6

Tasks