General
-
Target
14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9
-
Size
136KB
-
Sample
220306-dbkzyshha4
-
MD5
17f29268c9f1c5d5bca8b2b66cd1044c
-
SHA1
16273c67d772dccd1bc9d375b1c9ffa25e83129c
-
SHA256
14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9
-
SHA512
bd4d3f760de8225626f748f0168188d40c283b1a5525234cb8ff63621ff5f5952c6d6bf6de464485784641ff7aa08d89979ad000d26feb34f44fc231287ab1db
Malware Config
Targets
-
-
Target
14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9
-
Size
136KB
-
MD5
17f29268c9f1c5d5bca8b2b66cd1044c
-
SHA1
16273c67d772dccd1bc9d375b1c9ffa25e83129c
-
SHA256
14ee5fe40e76955ea27cc715dd5849f10ce7dc992c234db67467bbb1757aa8f9
-
SHA512
bd4d3f760de8225626f748f0168188d40c283b1a5525234cb8ff63621ff5f5952c6d6bf6de464485784641ff7aa08d89979ad000d26feb34f44fc231287ab1db
Score10/10-
Jigsaw Ransomware
Ransomware family first created in 2016. Named based on wallpaper set after infection in the early versions.
-
Executes dropped EXE
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-