Overview

overview

10

Static

static

3

807b27dd4d...dd.exe

windows7-x64

10

807b27dd4d...dd.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    807b27dd4ddf9f8be2493a9e9f9a1bbe69c06770039847425acc6458d72f29dd.exe

  • Size

    487KB

  • Sample

    250211-tndpeaskhy

  • MD5

    07a155371aded5527e7bf38bf6445537

  • SHA1

    3c249f0d5f02b8fa798a8702ab07d8e4d5aaadc6

  • SHA256

    807b27dd4ddf9f8be2493a9e9f9a1bbe69c06770039847425acc6458d72f29dd

  • SHA512

    b13f6c2374215b893038740f9e8f0c9a9c62a600e532d9d40f2920d16b8d56c3acad09f9ceb894c8682ce7c3353c579a5e652fc7bc8a588e3b1de576002c21da

  • SSDEEP

    6144:FTmapt6LFRvpdPYw70FNU7V6XpYFfYvwBVNSvMhskaMGa4jCT4W8U5hqqDLu3Pi0:tBtSRhdCEVTdbyMhXPT4WYqnuDOqBBl

Score
10/10
trigonacredential_accessdiscoveryransomwarestealer

Malware Config

Targets

    • Target

      807b27dd4ddf9f8be2493a9e9f9a1bbe69c06770039847425acc6458d72f29dd.exe

    • Size

      487KB

    • MD5

      07a155371aded5527e7bf38bf6445537

    • SHA1

      3c249f0d5f02b8fa798a8702ab07d8e4d5aaadc6

    • SHA256

      807b27dd4ddf9f8be2493a9e9f9a1bbe69c06770039847425acc6458d72f29dd

    • SHA512

      b13f6c2374215b893038740f9e8f0c9a9c62a600e532d9d40f2920d16b8d56c3acad09f9ceb894c8682ce7c3353c579a5e652fc7bc8a588e3b1de576002c21da

    • SSDEEP

      6144:FTmapt6LFRvpdPYw70FNU7V6XpYFfYvwBVNSvMhskaMGa4jCT4W8U5hqqDLu3Pi0:tBtSRhdCEVTdbyMhXPT4WYqnuDOqBBl

    Score
    10/10
    trigonaransomwarecredential_accessdiscoverystealer

    • Trigona

      A ransomware first seen at the beginning of the 2022.

      ransomwaretrigona

    • Trigona family

      trigona

    • Downloads MZ/PE file

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

      credential_accessstealer

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks