infinitylock | ffc3e683579ad8d3eb6c63f13dd540230f4993cf17bfe75b4d364df0a77b8c7c | Triage

Submit
Reports

Overview

overview

Static

static

3

6LLIXVr.exe

windows10-2004-x64

Resubmissions

29-04-2024 14:05

240429-rea6tacd53 10

29-04-2024 14:02

240429-rch4mscc97 8

Sharing

General

Target

6LLIXVr.exe
Size

666KB
Sample

240429-rea6tacd53
MD5

521eee081cb849de670e04d34c4cd514
SHA1

4ddede7c6cac3dcd79c1ddbead1f9d618cb97329
SHA256

ffc3e683579ad8d3eb6c63f13dd540230f4993cf17bfe75b4d364df0a77b8c7c
SHA512

37e3a4dde33d1588c7b3c60a545bada0452d91a7cb38fce5cdeaba8ba95aa88149c565e061a48105c2d30dfb9089499a40cdf6a4d182e59ea7e6c17c151e303d
SSDEEP

6144:/o+DAQJApVUh2pyAtuEtCzvF5vGau6MSFcrbWuTA6Wl0NAnFBzh63b42ZtX+lnfS:A+ayh45FZRbwquFLkfZgdf2GFZKMz

Score

10^/10

infinitylock persistence ransomware

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6LLIXVr.exe

Resource

win10v2004-20240419-en

infinitylock persistence ransomware

windows10-2004-x64

15 signatures

1800 seconds

Malware Config

Targets

- Target
  
  6LLIXVr.exe
- Size
  
  666KB
- MD5
  
  521eee081cb849de670e04d34c4cd514
- SHA1
  
  4ddede7c6cac3dcd79c1ddbead1f9d618cb97329
- SHA256
  
  ffc3e683579ad8d3eb6c63f13dd540230f4993cf17bfe75b4d364df0a77b8c7c
- SHA512
  
  37e3a4dde33d1588c7b3c60a545bada0452d91a7cb38fce5cdeaba8ba95aa88149c565e061a48105c2d30dfb9089499a40cdf6a4d182e59ea7e6c17c151e303d
- SSDEEP
  
  6144:/o+DAQJApVUh2pyAtuEtCzvF5vGau6MSFcrbWuTA6Wl0NAnFBzh63b42ZtX+lnfS:A+ayh45FZRbwquFLkfZgdf2GFZKMz
Score

10^/10

infinitylock persistence ransomware
- InfinityLock Ransomware
  Also known as InfinityCrypt. Based on the open-source HiddenTear ransomware.
  ransomware infinitylock
- Sets service image path in registry
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

infinitylockpersistenceransomware

© 2018-2024

Terms | Privacy