5cc851c0bce31e62a7c293c01117e5d80383b97ce97c040f2c08cfaa29380037

General
Target

5cc851c0bce31e62a7c293c01117e5d80383b97ce97c040f2c08cfaa29380037

Size

676KB

Sample

200330-nqfb2ej1pj

Score

10/10

MD5

c1ed709a4375516d25889357d0660f00

SHA1

3f16cd69f3772b9aa51ff2b528f95227e7caed6f

SHA256

5cc851c0bce31e62a7c293c01117e5d80383b97ce97c040f2c08cfaa29380037

SHA512

215cc02a53e3d0eff52f511c516fd5d87726926984e84cd18a7b35c3783792a0ee050e736f2c72bc28d42f1975bb6314d9f0f9e28766839db257c7c500c81ac0

Signatures

  • Jigsaw

    Description

    Ransomware family first created in 2016. Named based on wallpaper set after infection.

  • Executes dropped EXE

  • Adds Run entry to start application

    TTPs

    Registry Run Keys / Startup Folder
    Modify Registry

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Privilege Escalation

Tasks

static1

behavioral1 10/10

behavioral2 10/10