Compito matematica.pdf

General

Target: Compito matematica.pdf
Size: 606KB
Sample: 210306-flkmay1p1a
Score: 10/10
MD5: 4e890ba5a4f6fd63727c0005daa654dd
SHA1: e9ade30c93942c3f5928522552dd01eb25a9e9db
SHA256: e1c7d34fc0138d018f9e947af3dac7ec4d0fe9751dd1bc4424b185a92ca4bc51
SHA512: 177badec70b21ed1b94a8a235535249c94b72e21fc62bae1e8c32e44b9495006687a2ef7545256ddaa2c167d870515de45e9aea524e3081135fa901532af6477

Signatures

  • Jigsaw Ransomware

    Description

    Ransomware family first created in 2016. Named after the wallpaper that early versions set after infection.

  • Executes dropped EXE

  • Modifies extensions of user files

    Description

    Ransomware generally changes the extension on encrypted files.

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    TTPs

    Data from Local System, Credentials in Files

  • Adds Run key to start application

    TTPs

    Registry Run Keys / Startup Folder, Modify Registry

MITRE ATT&CK Matrix

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Privilege Escalation

Tasks

static1

behavioral1

10/10