General
-
Target
41c9080f9c90e00a431b2fb04b461584abe68576996379a97469a71be42fc6ff.exe
-
Size
1.7MB
-
Sample
250211-t867fssrhp
-
MD5
15d05dfa5cff0cfc86e5135155744385
-
SHA1
3eb904370ebf0bd3d4665a0f4ea80f8cc8e89dc9
-
SHA256
41c9080f9c90e00a431b2fb04b461584abe68576996379a97469a71be42fc6ff
-
SHA512
a1990e12b1397d12d718717e46a6ffc3721a44058f499b86b11b2d163b03afd2f8d7c816633abbd6a90773369b3ecb2b3f391ceed341d39bedfea5f4c1b99efd
-
SSDEEP
24576:uGA0AhSVzjJqVR/xmx0AsQ5r2jOGJTS8KmlI+u+68+DrAmz:xAhuzc3DXJTS8KmVzeD5
Behavioral task
behavioral1
Sample
41c9080f9c90e00a431b2fb04b461584abe68576996379a97469a71be42fc6ff.exe
Resource
win7-20250207-en
Behavioral task
behavioral2
Sample
41c9080f9c90e00a431b2fb04b461584abe68576996379a97469a71be42fc6ff.exe
Resource
win10v2004-20250207-en
Malware Config
Targets
-
Detects Trigona ransomware
-
Trigona family
-
Downloads MZ/PE file
-
Drops startup file
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1