General

  • Target

    2025-02-12_c6c511ba966328c9497c8aa9264fb733_trigona

  • Size

    1.8MB

  • Sample

    250212-vt4nfs1jcq

  • MD5

    c6c511ba966328c9497c8aa9264fb733

  • SHA1

    2f760c24df7626929c48504402370d733de523c3

  • SHA256

    26a74ace0b160831901b912f173137326019e731530e4ec283cbe44e3ccda165

  • SHA512

    149f51eced34090808712ba202b63f6e610fc4e7ccb4d64f7d619ac8937abce9565cd986bfeaef9684d0a4e8766c80affc5fdf8f1dbd2c8996425390545d09cd

  • SSDEEP

    24576:Jlt7h3gTTqGKw81ymxkamLsc7WXgIecEvitkj+udxP7:BhuTQxXwIecEvitZUxT

Malware Config

Targets

    • Detects Trigona ransomware

    • Trigona

      A ransomware first seen at the beginning of 2022.

    • Trigona family

    • Downloads MZ/PE file

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks
