SentinelOne VS Trigona Ransomware – Detection, Remediation and Forensics

Meet Trigona, a new ransomware family first seen in October 2022.
Upon infection, victims are asked to pay with Monero (XMR) on a dedicated TOR-based payment portal.
The malware attempts to achieve persistence via Registry Run keys (T1547.001). Trigona ransomware can spread via SMB. Additionally, Trigona encrypts files and adds a “._locked” extension.

SentinelOne Singularity™ XDR protects against Trigona ransomware attacks.