Overview

overview

10

Static

static

1

c11bc2b5f6...72.jpg

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c11bc2b5f6d1cc34a4734ab71d1f7c72.jpg

  • Size

    18KB

  • Sample

    240323-g42pysed26

  • MD5

    22186c6fb6d2c1d12bb56ea8d700055c

  • SHA1

    d780b89467e8ae8a7f587bf71425799a2b3fea4c

  • SHA256

    f0fc3dfdb6014c2731c6b99359fae6321ecba21e36a4e74315e059f643837170

  • SHA512

    8a8bc2094e148f4e7801854f1ab2a5eb693cdf1c9abe2ab3f4181825c2d1b945b4b2ceee9161bf545a10f43681d90a13f4c8bf870d41363c6752aa7e791765ae

  • SSDEEP

    384:yirCN5figqqSt/H1JKJHvjyb0KDlEJSvKYqaNd60Qzgaq5nNTQGH:yN/TSt/He1jEzx9iYDdnMbm5

Score
10/10
infinitylockransomware

Malware Config

Targets

    • Target

      c11bc2b5f6d1cc34a4734ab71d1f7c72.jpg

    • Size

      18KB

    • MD5

      22186c6fb6d2c1d12bb56ea8d700055c

    • SHA1

      d780b89467e8ae8a7f587bf71425799a2b3fea4c

    • SHA256

      f0fc3dfdb6014c2731c6b99359fae6321ecba21e36a4e74315e059f643837170

    • SHA512

      8a8bc2094e148f4e7801854f1ab2a5eb693cdf1c9abe2ab3f4181825c2d1b945b4b2ceee9161bf545a10f43681d90a13f4c8bf870d41363c6752aa7e791765ae

    • SSDEEP

      384:yirCN5figqqSt/H1JKJHvjyb0KDlEJSvKYqaNd60Qzgaq5nNTQGH:yN/TSt/He1jEzx9iYDdnMbm5

    Score
    10/10
    infinitylockransomware

    • InfinityLock Ransomware

      Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.

      ransomwareinfinitylock

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

2
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Resource Development

Reconnaissance

Tasks