trigona | 92241867812099edddb6061a00d36b49268a1c54524833427f2a2aa967f183ae | Triage

Resubmissions

12-02-2024 19:56

240212-ynry9ada64 10

12-02-2024 19:35

240212-yazryabb7s 10

23-01-2024 03:08

240123-dnenpsfccr 10

Sharing

General

Target

c28b33f7365f9dc72cc291d13458f334.bin
Size

186KB
Sample

240123-dnenpsfccr
MD5

6978dc767080803578ed1d6018b44c99
SHA1

74b52d7e5b92bc802ffa864adbf7483043128e32
SHA256

92241867812099edddb6061a00d36b49268a1c54524833427f2a2aa967f183ae
SHA512

748ea100bcfe4b641197548384f179226663698832bebe630d34e65cb2fdf07d4b69b1447c5fe2ab9cf13f55eee3b5fd7050a07ec9364eac4cd16565ccdb1973
SSDEEP

3072:ZhFH8BnrxFgYsm2fz7mfZyM82++UUW8D455cFKxUrs2C8MS0ISgCyqXP8bRl/lIJ:Zhl851Iz7mwM82lUB55cFQMrC8b0PgCD

Score

10^/10

trigona discovery ransomware spyware stealer

Malware Config

Targets

- Target
  
  85f4088286ac1eedc94ad9dc6465e9e4b89d1cde3012f9949450fcc9f2b60431.exe
- Size
  
  342KB
- MD5
  
  c28b33f7365f9dc72cc291d13458f334
- SHA1
  
  b4ad79b2800a6540f1c460ce6220a4ebb551a18b
- SHA256
  
  85f4088286ac1eedc94ad9dc6465e9e4b89d1cde3012f9949450fcc9f2b60431
- SHA512
  
  3bb9e234da571093c05e21b4ffdfa7ceb9d6f95a33a07e39260a974fdc19dfc7ba72e7f9a579ec45585857d5d543ff99a535b479cf77629858c3cfa1c824e46f
- SSDEEP
  
  6144:Gx2QdiglMFGfzIBeZO8Wf2cMRsCO/xZqqDLuz+4pQoL27aR9:GAQsgScEydsCJqnuq4z2mR9
Score

10^/10

trigona ransomware spyware stealer discovery
- Trigona
  A ransomware first seen at the beginning of the 2022.
  ransomware trigona
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Network Service Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

trigonaransomwarespywarestealer

behavioral2

trigonadiscoveryransomware