Overview

overview

10

Static

static

1

Endermanch...pt.exe

windows7-x64

10

Endermanch...pt.exe

windows10-1703-x64

10

Endermanch...pt.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    84s
  • max time network
    151s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    07-02-2023 06:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    [email protected]

  • Size

    211KB

  • MD5

    b805db8f6a84475ef76b795b0d1ed6ae

  • SHA1

    7711cb4873e58b7adcf2a2b047b090e78d10c75b

  • SHA256

    f5d002bfe80b48386a6c99c41528931b7f5df736cd34094463c3f85dde0180bf

  • SHA512

    62a2c329b43d186c4c602c5f63efc8d2657aa956f21184334263e4f6d0204d7c31f86bda6e85e65e3b99b891c1630d805b70997731c174f6081ecc367ccf9416

  • SSDEEP

    1536:YoCFfC303p22fkZrRQpnqjoi7l832fbu9ZXILwVENbM:rCVC303p22sZrRQpnviB832Du9WMON

Score
10/10
infinitylockransomware

Malware Config

Signatures

  • InfinityLock Ransomware

    Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.

    ransomwareinfinitylock
  • Modifies extensions of user files 14 IoCs

    Ransomware generally changes the extension on encrypted files.

    ransomware
  • Drops file in Program Files directory 64 IoCs
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\[email protected]
    "C:\Users\Admin\AppData\Local\Temp\[email protected]"
    1⤵
    • Modifies extensions of user files
    • Drops file in Program Files directory
    • Checks processor information in registry
    • Suspicious use of AdjustPrivilegeToken
    PID:2572

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2572-118-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-119-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-120-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-121-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-122-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-123-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-124-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-125-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-126-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-127-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-128-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-129-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-130-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-131-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-132-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-133-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-134-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-135-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-136-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-138-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-137-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-139-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-140-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-141-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-142-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-143-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-144-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-145-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-146-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-147-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-148-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-149-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-150-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-151-0x0000000000760000-0x000000000079C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/2572-152-0x0000000004FD0000-0x000000000506C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/2572-153-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-154-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-155-0x0000000005620000-0x0000000005B1E000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/2572-156-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-157-0x0000000005120000-0x00000000051B2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/2572-158-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-159-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-160-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-161-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-162-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-163-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-164-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-165-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-166-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-167-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-168-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-169-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-170-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-171-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-172-0x0000000002C50000-0x0000000002C5A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/2572-173-0x00000000052F0000-0x0000000005346000-memory.dmp

    Filesize

    344KB

    Download

  • memory/2572-174-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-175-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-176-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-177-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-178-0x0000000006E20000-0x0000000006E86000-memory.dmp

    Filesize

    408KB

    Download

  • memory/2572-179-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-180-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-181-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-182-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-183-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-184-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-185-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-186-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-187-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2572-188-0x0000000077220000-0x00000000773AE000-memory.dmp

    Filesize

    1.6MB

    Download