General

  • Target

    b95a0d0333c4986597c2e9132fbea337127653da6864c4c65218c7cc35061448

  • Size

    342KB

  • Sample

    240227-mxngmseg89

  • MD5

    03ab9195dcbd96fbe4e11917c50b57b6

  • SHA1

    212247b7ebdf82d88889043838bf21ac7910e7e6

  • SHA256

    b95a0d0333c4986597c2e9132fbea337127653da6864c4c65218c7cc35061448

  • SHA512

    ce3d6439fce8f659b66b0174b0ad8b31e1ddb5cfad8cd2ecbb932fc0d04edd068f3a8c945e538a1769b4a11e881f6bfa7245492f4e62d614ad17fe454e88ae4d

  • SSDEEP

    6144:Hx2QdiglMFGfzwb1VvcnCdOe5ELmLqqDLuj+V1ooF:HAQsgSckRbYe2xqnua1F

Malware Config

Targets

    • Target

      b95a0d0333c4986597c2e9132fbea337127653da6864c4c65218c7cc35061448

    • Size

      342KB

    • MD5

      03ab9195dcbd96fbe4e11917c50b57b6

    • SHA1

      212247b7ebdf82d88889043838bf21ac7910e7e6

    • SHA256

      b95a0d0333c4986597c2e9132fbea337127653da6864c4c65218c7cc35061448

    • SHA512

      ce3d6439fce8f659b66b0174b0ad8b31e1ddb5cfad8cd2ecbb932fc0d04edd068f3a8c945e538a1769b4a11e881f6bfa7245492f4e62d614ad17fe454e88ae4d

    • SSDEEP

      6144:Hx2QdiglMFGfzwb1VvcnCdOe5ELmLqqDLuj+V1ooF:HAQsgSckRbYe2xqnua1F

    • Trigona

      A ransomware first seen at the beginning of the 2022.

    • Detects command variations typically used by ransomware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks