General

  • Target

    2024-11-05_388500bd50036658b03212fe29a03671_datper_trigona

  • Size

    342KB

  • Sample

    241105-jjsyesxcnf

  • MD5

    388500bd50036658b03212fe29a03671

  • SHA1

    d836e39818cb5b320ab9de464b4aae8dc795752a

  • SHA256

    0e534023e2a1b9c946cc9851613cffd1b02ed61e65855ce721e35ae1757a1703

  • SHA512

    b8cedd61768390e22334a44dfdcb5ca7616978504c2115236d07b39de814af4948589ca52222b8c88e8e6364dce317f6287ee138baa90648d93466b193b7ad29

  • SSDEEP

    6144:Gx2QdiglMFGfzIBeZO8Wf2cMRpCO/xZqqDLuz+4pQoL27aR9:GAQsgScEydpCJqnuq4z2mR9

Targets

    • Target

      2024-11-05_388500bd50036658b03212fe29a03671_datper_trigona

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15
