- Distribution Method : Disguised as an Adobe Premiere crack file
- MD5 : ce2181d5d38cdc46f69d0ea7c6aaf5f4
- Major Detection Name : MSIL.Trojan-Ransom.InfinityLock.A (GData), Ransom_INFINITYLOCK.A (Trend Micro)
- Encrypted File Pattern : .<Random Extension>
- Malicious File Creation Location : C:\Users\%UserName%\AppData\Local\Temp\UI.exe
- Payment Instruction File : InfinityLock_Recover_Instructions.txt / InfinityLock_UniqeID.txt
- Major Characteristics :
  - Offline Encryption
  - Changes desktop background (C:\Users\%UserName%\Desktop\InfinityLock_Recover_Instructions.png)