Overview

overview

10

Static

static

7

2.exe

windows7-x64

10

2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2.7z

  • Size

    301KB

  • Sample

    240121-l4nwbaahcl

  • MD5

    0aba51a20738cdfad05673a934e2055a

  • SHA1

    a49d4d2835708c293607e1f4253fa6f59d26d1f8

  • SHA256

    2389982cb4147f8a31d60fbecf0e2faffbaa96523ea7a33e60f84ec077ecbeb0

  • SHA512

    9df78687b61f8c5d7d5b2a20f919868f4b434eea79f7d0ae8aa8f462bcec4216cf41e965fa874495358ebfbdcf87b86ecf14fc8444655f654e19bba87305402a

  • SSDEEP

    6144:8DtdesAfEWrJhzNe4kpK331YpO7S0+AHwohmPKHItQ3enVc0Hm3Bi:8qfE2fkptO7SmnQPvBVTG3g

Score
10/10
infinitylockransomware

Malware Config

Targets

    • Target

      2.exe

    • Size

      414KB

    • MD5

      916e4754201356e2a084f47dfdd094ef

    • SHA1

      f7af62ac3e5735be89bd9ff5f65d4de1b228a26a

    • SHA256

      5fba614d8ac082c6d48dfab9d56aa77b479c5f4217b4ebf599b1c21d6d705b3f

    • SHA512

      b95bb9619edea8a9b58490ba49d9e3fb0ebb78652883772c379a2bd2efeeff5ec2e3b7e9068421a08d143b76ef915c59cfe98d91b183da4205964947746ae4c0

    • SSDEEP

      12288:oskc3tMDExu5XsnqH/m3RB2oQh/kf8C3:oW7xu5WqfYRAo+sf1

    Score
    10/10
    infinitylockransomware

    • InfinityLock Ransomware

      Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.

      ransomwareinfinitylock

    • .NET Reactor proctector

      Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks