Overview

overview

10

Static

static

14ee5fe40e...f9.exe

windows7_x64

10

14ee5fe40e...f9.exe

windows10-2004_x64

1

Resubmissions

09-10-2023 22:49

231009-2rwndsgh8w 10

06-03-2022 02:50

220306-dbkzyshha4 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9

  • Size

    136KB

  • Sample

    220306-dbkzyshha4

  • MD5

    17f29268c9f1c5d5bca8b2b66cd1044c

  • SHA1

    16273c67d772dccd1bc9d375b1c9ffa25e83129c

  • SHA256

    14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9

  • SHA512

    bd4d3f760de8225626f748f0168188d40c283b1a5525234cb8ff63621ff5f5952c6d6bf6de464485784641ff7aa08d89979ad000d26feb34f44fc231287ab1db

Score
10/10
jigsawpersistenceransomwarespywarestealer

Malware Config

Targets

    • Target

      14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9

    • Size

      136KB

    • MD5

      17f29268c9f1c5d5bca8b2b66cd1044c

    • SHA1

      16273c67d772dccd1bc9d375b1c9ffa25e83129c

    • SHA256

      14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9

    • SHA512

      bd4d3f760de8225626f748f0168188d40c283b1a5525234cb8ff63621ff5f5952c6d6bf6de464485784641ff7aa08d89979ad000d26feb34f44fc231287ab1db

    Score
    10/10
    jigsawpersistenceransomwarespywarestealer

    • Jigsaw Ransomware

      Ransomware family first created in 2016. Named based on wallpaper set after infection in the early versions.

      ransomwarejigsaw

    • Executes dropped EXE

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks