Grupo Ransomware: trigona
Perfil del grupo segun ransomware.anggipradana.com.
| Campo | Valor |
|---|---|
| Alias | |
| Pais | |
| Estado |
Descripcion
According to PCrisk, Trigona is ransomware that encrypts files and appends the ._locked extension to filenames. Also, it drops the how_to_decrypt.hta file that opens a ransom note. An example of how Trigona renames files: it renames 1.jpg to 1.jpg._locked, 2.png to 2.png._locked, and so forth.It embeds the encrypted decryption key, the campaign ID, and the victim ID in the encrypted files.