4ba36ecc13f6b08e1523fa7f8fd228b739d1f6918c5c7f9779c536b91dbb3def

Tags

Signatures

• Jigsaw Ransomware

  Description

  Ransomware family first created in 2016. Named based on wallpaper set after infection in the early versions.

  Tags

  ransomwarejigsaw

• Executes dropped EXE

• Modifies extensions of user files

  Description

  Ransomware generally changes the extension on encrypted files.

  Tags

  ransomware

• Reads user/profile data of web browsers

  Description

  Infostealers often target stored browser data, which can include saved credentials etc.

  Tags

  spywarestealer

  TTPs

  Data from Local SystemCredentials in Files

• Adds Run key to start application

  Tags

  persistence

  TTPs

  Registry Run Keys / Startup FolderModify Registry

Related Tasks