5cc851c0bce31e62a7c293c01117e5d80383b97ce97c040f2c08cfaa29380037

General
Target

5cc851c0bce31e62a7c293c01117e5d80383b97ce97c040f2c08cfaa29380037

Size

676KB

Sample

201105-d4pfdbrzjs

Score

10/10
MD5

c1ed709a4375516d25889357d0660f00

SHA1

3f16cd69f3772b9aa51ff2b528f95227e7caed6f

SHA256

5cc851c0bce31e62a7c293c01117e5d80383b97ce97c040f2c08cfaa29380037

SHA512

215cc02a53e3d0eff52f511c516fd5d87726926984e84cd18a7b35c3783792a0ee050e736f2c72bc28d42f1975bb6314d9f0f9e28766839db257c7c500c81ac0

Signatures

  • Jigsaw Ransomware

    Description

    Ransomware family first created in 2016. Named based on wallpaper set after infection in the early versions.

  • Executes dropped EXE

  • Modifies extensions of user files

    Description

    Ransomware generally changes the extension on encrypted files.

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System; Credentials in Files

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder; Modify Registry

MITRE ATT&CK Matrix

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Privilege Escalation

Tasks

  • static1