# INC Ransomware > Tipo: **malware** · S1139 · [MITRE ATT&CK](https://attack.mitre.org/software/S1139) ## Descrição [[s1139-inc-ransomware|INC Ransomware]] é uma variante de ransomware utilizada pelo grupo [[g1032-inc-ransom|INC Ransom]] desde pelo menos 2023 contra múltiplos setores da indústria em todo o mundo. O [[s1139-inc-ransomware|INC Ransomware]] pode empregar criptografia parcial combinada com multi-threading para acelerar o processo de cifragem. **Plataformas:** Windows ## Técnicas Utilizadas - [[t1120-peripheral-device-discovery|T1120 - Peripheral Device Discovery]] - [[t1570-lateral-tool-transfer|T1570 - Lateral Tool Transfer]] - [[t1566-phishing|T1566 - Phishing]] - [[t1106-native-api|T1106 - Native API]] - [[t1652-device-driver-discovery|T1652 - Device Driver Discovery]] - [[t1490-inhibit-system-recovery|T1490 - Inhibit System Recovery]] - [[t1047-windows-management-instrumentation|T1047 - Windows Management Instrumentation]] - [[t1680-local-storage-discovery|T1680 - Local Storage Discovery]] - [[t1135-network-share-discovery|T1135 - Network Share Discovery]] - [[t1486-data-encrypted-for-impact|T1486 - Data Encrypted for Impact]] - [[t1140-deobfuscatedecode-files-or-information|T1140 - Deobfuscaté/Decode Files or Information]] - [[t1083-file-and-directory-discovery|T1083 - File and Directory Discovery]] - [[t1057-process-discovery|T1057 - Process Discovery]] - [[t1489-service-stop|T1489 - Service Stop]] - [[t1491-001-internal-defacement|T1491.001 - Internal Defacement]] ## Grupos que Usam - [[g1032-inc-ransom|INC Ransom]] ## Referências - [MITRE ATT&CK - S1139](https://attack.mitre.org/software/S1139)