Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f32a14e2a7a2510862c04fdc2e9ae97bb4f444d33dc5394360ad3402548bf687.exe
-
Size
335KB
-
Sample
250316-xftmfa1jt9
-
MD5
44a4d5c0cbd33c189f18018326e8801e
-
SHA1
533d0a6895ffb5846b6e7bcb738c4056293f91d7
-
SHA256
f32a14e2a7a2510862c04fdc2e9ae97bb4f444d33dc5394360ad3402548bf687
-
SHA512
9aa19261579caadeb028f75db52a05e3ef66880df44d21e73cf65ac472ed3b276deaef37227c20af50d821414f2a1df88fb78c985adc0739bab7d0ed3a866205
-
SSDEEP
3072:NfWmKpcIhNLHiS6ur76srcmGG10loGm44q2UWBWXyPNKTWI87aXKPmsqjCnSNBPK:gR7Osoc1DGm44HcX2oaIrBP33kQCfBp
Malware Config
Targets
-
-
Target
f32a14e2a7a2510862c04fdc2e9ae97bb4f444d33dc5394360ad3402548bf687.exe
-
Size
335KB
-
MD5
44a4d5c0cbd33c189f18018326e8801e
-
SHA1
533d0a6895ffb5846b6e7bcb738c4056293f91d7
-
SHA256
f32a14e2a7a2510862c04fdc2e9ae97bb4f444d33dc5394360ad3402548bf687
-
SHA512
9aa19261579caadeb028f75db52a05e3ef66880df44d21e73cf65ac472ed3b276deaef37227c20af50d821414f2a1df88fb78c985adc0739bab7d0ed3a866205
-
SSDEEP
3072:NfWmKpcIhNLHiS6ur76srcmGG10loGm44q2UWBWXyPNKTWI87aXKPmsqjCnSNBPK:gR7Osoc1DGm44HcX2oaIrBP33kQCfBp
Score10/10-
Jigsaw Ransomware
Ransomware family first created in 2016. Named based on wallpaper set after infection in the early versions.
-
Jigsaw family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-