trigona | ff82b9021651a1de046c80242be44b53fa23f88f850b9d536ce8be7d9b41afbb | Triage

Sharing

General

Target

ff82b9021651a1de046c80242be44b53fa23f88f850b9d536ce8be7d9b41afbb.exe
Size

483KB
Sample

250211-t9tmratjbl
MD5

9e5e96c4318ea5e8daab17ea456af069
SHA1

4f9699be74544daa531833e7dbd9a87cf1a37928
SHA256

ff82b9021651a1de046c80242be44b53fa23f88f850b9d536ce8be7d9b41afbb
SHA512

40646d700c3200a45f5e76bb468eb1bd113ffb24926bca61b93159e38579ed901a247320f744870563fa3abcfe9a19745f1466fadbb989f8689caf3c350ac37d
SSDEEP

6144:nZfaSk7FR/pdPYIEQu0JriuXDeEIBN+dx8QN7knC2tpwBQ1yPqqDLulG6jJEJJhU:ZzIRxdDRe+8i2QN7kC2bqnu0omI

Score

10^/10

trigona discovery ransomware spyware stealer

Malware Config

Targets

- Target
  
  ff82b9021651a1de046c80242be44b53fa23f88f850b9d536ce8be7d9b41afbb.exe
- Size
  
  483KB
- MD5
  
  9e5e96c4318ea5e8daab17ea456af069
- SHA1
  
  4f9699be74544daa531833e7dbd9a87cf1a37928
- SHA256
  
  ff82b9021651a1de046c80242be44b53fa23f88f850b9d536ce8be7d9b41afbb
- SHA512
  
  40646d700c3200a45f5e76bb468eb1bd113ffb24926bca61b93159e38579ed901a247320f744870563fa3abcfe9a19745f1466fadbb989f8689caf3c350ac37d
- SSDEEP
  
  6144:nZfaSk7FR/pdPYIEQu0JriuXDeEIBN+dx8QN7knC2tpwBQ1yPqqDLulG6jJEJJhU:ZzIRxdDRe+8i2QN7kC2bqnu0omI
Score

10^/10

trigona discovery ransomware spyware stealer
- Trigona
  A ransomware first seen at the beginning of the 2022.
  ransomware trigona
- Trigona family
  trigona
- Downloads MZ/PE file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

trigonadiscoveryransomwarespywarestealer

behavioral2

trigonadiscoveryransomware