Overview

overview

10

Static

static

3

b4df356a0b...8b.exe

windows7-x64

10

b4df356a0b...8b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b4df356a0b8746b77456531f53cf8418b356b40cd3a9ea214bfe2adba8e8838b.exe

  • Size

    1.8MB

  • Sample

    250211-twkspaskbl

  • MD5

    846fc21208bba21d72f5bbabe3a4148a

  • SHA1

    bbc0158675c41f19acc1d86f313142a7a9d05e85

  • SHA256

    b4df356a0b8746b77456531f53cf8418b356b40cd3a9ea214bfe2adba8e8838b

  • SHA512

    79475d085a133fdfb6d7b4fdb3ee666c46d28936738e8144a7ee460c1a8e5c1f4c2d038dcba93731655a3d53b60e2e936399e450626d04d3e13e42836b3e75c7

  • SSDEEP

    24576:AlJWohpvTIG8JOZSmx0GGLsc7iqTcmTTjY4m/pn+u1jlpFxe:uhBTcAPWcmT3Y4C+0y

Score
10/10
trigonacredential_accessdiscoveryransomwarestealer

Malware Config

Targets

    • Target

      b4df356a0b8746b77456531f53cf8418b356b40cd3a9ea214bfe2adba8e8838b.exe

    • Size

      1.8MB

    • MD5

      846fc21208bba21d72f5bbabe3a4148a

    • SHA1

      bbc0158675c41f19acc1d86f313142a7a9d05e85

    • SHA256

      b4df356a0b8746b77456531f53cf8418b356b40cd3a9ea214bfe2adba8e8838b

    • SHA512

      79475d085a133fdfb6d7b4fdb3ee666c46d28936738e8144a7ee460c1a8e5c1f4c2d038dcba93731655a3d53b60e2e936399e450626d04d3e13e42836b3e75c7

    • SSDEEP

      24576:AlJWohpvTIG8JOZSmx0GGLsc7iqTcmTTjY4m/pn+u1jlpFxe:uhBTcAPWcmT3Y4C+0y

    Score
    10/10
    trigonaransomwarecredential_accessdiscoverystealer

    • Trigona

      A ransomware first seen at the beginning of the 2022.

      ransomwaretrigona

    • Trigona family

      trigona

    • Downloads MZ/PE file

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

      credential_accessstealer

    • Executes dropped EXE

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks