Analysis

  • max time kernel
    121s
  • max time network
    136s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    28-04-2024 03:37

General

  • Target

    AntivirusDefender-main/JigsawRansomware/JigsawRansomware/JigsawRansomware/bin/Release/JigsawRansomware.exe

  • Size

    60KB

  • MD5

    14a2065165fca7f48b20123ea1ca8d2d

  • SHA1

    f6371909e9b9751d3f7539a75ec0f024cd3094bf

  • SHA256

    cb8068f6f5623b19fea0e5e8657ea059283dc7fbb04ac61c204b8fcf9b09cc3c

  • SHA512

    eadd1e658b19805cc64a8a9a391f42fcae5c410c89b95a1b2e5d8615aadc1e873fb67e214fff5f96163b8340bc37443cfbb4d50eccd2b8e06b6294f503adf103

  • SSDEEP

    1536:f2Dyv30ZpBzKmGIZUY1sIzYi7D10Py7j:+Dy2pBzbZUYxYID6a

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AntivirusDefender-main\JigsawRansomware\JigsawRansomware\JigsawRansomware\bin\Release\JigsawRansomware.exe
    "C:\Users\Admin\AppData\Local\Temp\AntivirusDefender-main\JigsawRansomware\JigsawRansomware\JigsawRansomware\bin\Release\JigsawRansomware.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1876
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch&plcid=0x409&o1=.NETFramework,Version=v4.8&processName=JigsawRansomware.exe&platform=0009&osver=5&isServer=0&shimver=4.0.30319.0
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2900
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2900 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2564

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

    Filesize

    68KB

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

    Filesize

    344B

  • C:\Users\Admin\AppData\Local\Temp\Tar3B91.tmp

    Filesize

    177KB