Overview

overview

10

Static

static

1

PowerPoint[1].zip

windows10-1703-x64

Resubmissions

15-04-2023 15:00

230415-sdk53aed76 7

15-04-2023 14:56

230415-sazt2sga3s 10

15-04-2023 14:44

230415-r39z2sfh9v 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PowerPoint[1].zip

  • Size

    66KB

  • Sample

    230415-sazt2sga3s

  • MD5

    196611c89b3b180d8a638d11d50926ed

  • SHA1

    aa98b312dc0e9d7e59bef85b704ad87dc6c582d5

  • SHA256

    4c10d3ddeba414775ebb5af4da5b7bb17ae52a92831fe09244f63c36b2c77f34

  • SHA512

    19d60abf83b4a4fe5701e38e0c84f9492232ceb95b267ae5859c049cea12fee2328a5d26ffd850e38307fb10cb3955b7e5e49d916856c929442d45b87071d724

  • SSDEEP

    1536:bnTpZDj+PE7ixJWt6/RXHNrqCRRSc5si4YJ5lyf1FDwTqV:npt2E7ix9Fp1qcCZI7yfa2

Score
10/10
infinitylockransomware

Malware Config

Targets

    • Target

      PowerPoint[1].zip

    • Size

      66KB

    • MD5

      196611c89b3b180d8a638d11d50926ed

    • SHA1

      aa98b312dc0e9d7e59bef85b704ad87dc6c582d5

    • SHA256

      4c10d3ddeba414775ebb5af4da5b7bb17ae52a92831fe09244f63c36b2c77f34

    • SHA512

      19d60abf83b4a4fe5701e38e0c84f9492232ceb95b267ae5859c049cea12fee2328a5d26ffd850e38307fb10cb3955b7e5e49d916856c929442d45b87071d724

    • SSDEEP

      1536:bnTpZDj+PE7ixJWt6/RXHNrqCRRSc5si4YJ5lyf1FDwTqV:npt2E7ix9Fp1qcCZI7yfa2

    Score
    10/10
    infinitylockransomware

    • InfinityLock Ransomware

      Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.

      ransomwareinfinitylock

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks