jigsaw | e1c7d34fc0138d018f9e947af3dac7ec4d0fe9751dd1bc4424b185a92ca4bc51 | Triage

Resubmissions

09-10-2023 22:49

231009-2rzp2sba27 10

30-03-2020 14:54

200330-hma22cptpa 10

Sharing

General

Target

Compito matematica.pdf
Size

606KB
Sample

200330-hma22cptpa
MD5

4e890ba5a4f6fd63727c0005daa654dd
SHA1

e9ade30c93942c3f5928522552dd01eb25a9e9db
SHA256

e1c7d34fc0138d018f9e947af3dac7ec4d0fe9751dd1bc4424b185a92ca4bc51
SHA512

177badec70b21ed1b94a8a235535249c94b72e21fc62bae1e8c32e44b9495006687a2ef7545256ddaa2c167d870515de45e9aea524e3081135fa901532af6477

Score

10^/10

jigsaw persistence ransomware

Malware Config

Targets

- Target
  
  Compito matematica.pdf
- Size
  
  606KB
- MD5
  
  4e890ba5a4f6fd63727c0005daa654dd
- SHA1
  
  e9ade30c93942c3f5928522552dd01eb25a9e9db
- SHA256
  
  e1c7d34fc0138d018f9e947af3dac7ec4d0fe9751dd1bc4424b185a92ca4bc51
- SHA512
  
  177badec70b21ed1b94a8a235535249c94b72e21fc62bae1e8c32e44b9495006687a2ef7545256ddaa2c167d870515de45e9aea524e3081135fa901532af6477
Score

10^/10

persistence ransomware jigsaw
- Jigsaw
  Ransomware family first created in 2016. Named based on wallpaper set after infection.
  ransomware jigsaw
- Executes dropped EXE
- Adds Run entry to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistenceransomwarejigsaw