trigona | 921953c7c080fbf1d4da4f0966a755e81228d2e0ccb127f206b176f6c3434f70 | Triage

Submit
Reports

Overview

overview

Static

static

sample.exe

windows7-x64

sample.exe

windows10-2004-x64

Sharing

General

Target

761b78ddab55b4e561607ce5ce9d424a7aec4f1994aad988f0612b096cdd1d6d.bin.sample.gz
Size

463KB
Sample

240228-necg4aac8z
MD5

05f083e7858bbebb9d3cc985e2b997a0
SHA1

61411c1975d35acca8b3f4b20908924b3f7b140d
SHA256

921953c7c080fbf1d4da4f0966a755e81228d2e0ccb127f206b176f6c3434f70
SHA512

7cec4b20450be57a707cdc38f759cbc49976e3d790890c0db3b23f02d88d05716fb00c93e0dd10b45466450e0d1d2aff07fc38618338225c7e8191d52053e688
SSDEEP

12288:8A/xjYZK8Djx4nM7y43mmnOO8DQmbD18tqOi7Q:b/iXjx4CmmnOOkF8tIQ

Score

10^/10

trigona persistence ransomware

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

sample.exe

Resource

win7-20240221-en

trigona persistence ransomware

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

sample.exe

Resource

win10v2004-20240226-en

trigona persistence ransomware

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  1.1MB
- MD5
  
  cd215489a03871eaac431180546f162e
- SHA1
  
  acb517dc5ec2376176cc3116bebfdf71d314663b
- SHA256
  
  761b78ddab55b4e561607ce5ce9d424a7aec4f1994aad988f0612b096cdd1d6d
- SHA512
  
  124821f7d1860a513bc3c51a8f11bc0134877930f5bc46c4675a7d407b8523ae5c4cb596cf6c72ace9dd50245910c71eda216b1169a53e458e8e8bd378059892
- SSDEEP
  
  12288:HRYqX7pdDWExBDmkYhiPJSA0IqOO2vBwRns2MqnuY/gtTy7FXu9:xY6frxBDmkY+Jr0Iql2v4sx+uxtTyp+9
Score

10^/10

trigona persistence ransomware
- Detects Trigona ransomware
- Trigona
  A ransomware first seen at the beginning of the 2022.
  ransomware trigona
- Adds Run key to start application
  persistence
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

trigonapersistenceransomware

behavioral2

trigonapersistenceransomware

© 2018-2024

Terms | Privacy