mmlocker | baba76d578be903c9d78e3d6417636ba6a8069cafe9ccccdfce2bc19b43fc299 | Triage

Sharing

General

Target

baba76d578be903c9d78e3d6417636ba6a8069cafe9ccccdfce2bc19b43fc299.exe
Size

230KB
Sample

200220-c1c318xahn
MD5

9fd056a806343253a57b3fb16260b16a
SHA1

6fe4d8992cd01266c26d28ef15fee7afa3ee0497
SHA256

baba76d578be903c9d78e3d6417636ba6a8069cafe9ccccdfce2bc19b43fc299
SHA512

e27ae1d1bb14c1ff6f962104cdb8a4e28a214fa90ede46fa3b974b89a400acebaac71b72140dd8aaf7ac386a6a239009eef19609343d05b6831e40648fdab6e5

Score

10^/10

mmlocker ransomware

Malware Config

Targets

- Target
  
  baba76d578be903c9d78e3d6417636ba6a8069cafe9ccccdfce2bc19b43fc299.exe
- Size
  
  230KB
- MD5
  
  9fd056a806343253a57b3fb16260b16a
- SHA1
  
  6fe4d8992cd01266c26d28ef15fee7afa3ee0497
- SHA256
  
  baba76d578be903c9d78e3d6417636ba6a8069cafe9ccccdfce2bc19b43fc299
- SHA512
  
  e27ae1d1bb14c1ff6f962104cdb8a4e28a214fa90ede46fa3b974b89a400acebaac71b72140dd8aaf7ac386a6a239009eef19609343d05b6831e40648fdab6e5
Score

10^/10

ransomware mmlocker
- MM Locker
  Ransomware family distributed via phishing email and malicious game cracks.
  ransomware mmlocker
- Executes dropped EXE
- Sets desktop wallpaper using registry
  ransomware
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

ransomwaremmlocker