trigona | 38f58a2536b5dc18753bc7325cec17be803eae613832d6e6e57b773fbb8a40ce | Triage

Sharing

General

Target

38f58a2536b5dc18753bc7325cec17be803eae613832d6e6e57b773fbb8a40ce.exe
Size

482KB
Sample

250212-h6xz8asjcv
MD5

39fac17fb009f7995348e9265ca983a9
SHA1

f8ffa4f851d54844e15a74271b7d5e218496dca3
SHA256

38f58a2536b5dc18753bc7325cec17be803eae613832d6e6e57b773fbb8a40ce
SHA512

e661ad4d1e770b3a9df28379364249c3f612654a58c9c15a957f86ec0623fcdbd65dfd11c645c780095a9fd9d9b69cc8cf623ac7d2f53cbef2840d97b59684d1
SSDEEP

6144:rZfaSk7FR/pdPYIEQu0JriuXDeEIBN+dx8QN7knC2tpwBQ1yPqqDLulG6cHKARs8:1zIRxdDRe+8i2QN7kC2bqnumfn4Afl

Score

10^/10

trigona credential_access discovery ransomware spyware stealer

Malware Config

Targets

- Target
  
  38f58a2536b5dc18753bc7325cec17be803eae613832d6e6e57b773fbb8a40ce.exe
- Size
  
  482KB
- MD5
  
  39fac17fb009f7995348e9265ca983a9
- SHA1
  
  f8ffa4f851d54844e15a74271b7d5e218496dca3
- SHA256
  
  38f58a2536b5dc18753bc7325cec17be803eae613832d6e6e57b773fbb8a40ce
- SHA512
  
  e661ad4d1e770b3a9df28379364249c3f612654a58c9c15a957f86ec0623fcdbd65dfd11c645c780095a9fd9d9b69cc8cf623ac7d2f53cbef2840d97b59684d1
- SSDEEP
  
  6144:rZfaSk7FR/pdPYIEQu0JriuXDeEIBN+dx8QN7knC2tpwBQ1yPqqDLulG6cHKARs8:1zIRxdDRe+8i2QN7kC2bqnumfn4Afl
Score

10^/10

trigona credential_access discovery ransomware spyware stealer
- Trigona
  A ransomware first seen at the beginning of the 2022.
  ransomware trigona
- Trigona family
  trigona
- Credentials from Password Stores: Windows Credential Manager
  Suspicious access to Credentials History.
  credential_access stealer
- Drops startup file
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops desktop.ini file(s)
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Windows Credential Manager

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

trigonacredential_accessdiscoveryransomwarespywarestealer

behavioral2

trigonadiscoveryransomware