Description
Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.
226a723ffb4a91d9950a8b266167c5b354ab0db1dc225578494917fe53867ef2.zip
General
Target
Size
Sample
226a723ffb4a91d9950a8b266167c5b354ab0db1dc225578494917fe53867ef2.zip
68KB
201122-a14ms1r5dj
Score
10 /10
MD5
SHA1
SHA256
SHA512
ef22d537796a83703a9e509e1df8e0af
818c3ce7d75f82b8b41510fd271d3b2aa8a318ad
8d6ed5c6016d0458ad1e7f089e22aa75537f768dd485ed8c09c37eac2a1a72f0
5c8edebbcc5d47f68c5f7e3930cab97386105fc1e30926e679fed41149639aaae1e65c938d2d71661b2dfd2d98871a064ff78de3640a9fd2961655bfb79c7c26
Malware Config
Targets
Target
MD5
Filesize
226a723ffb4a91d9950a8b266167c5b354ab0db1dc225578494917fe53867ef2.exe
c2671bf5b5dedbfd3cfe3f0f944fbe01
200KB
Score
10/10
SHA1
SHA256
SHA512
da3e830011e6f9d41dd6c93fdb48c47c1c6e35e1
226a723ffb4a91d9950a8b266167c5b354ab0db1dc225578494917fe53867ef2
256bc8582cc9b53b3cf9307a2882117476648ab9df540d501fc5f46a4030beacab9df2019f2d83b0a63d510803cbf6cbae01dc1325588f93a1a74521a07fe4d9
Tags
Signatures
-
MountLocker Ransomware
-
Deletes shadow copies
Description
Ransomware often targets backup files to inhibit system recovery.
Tags
TTPs
-
Modifies extensions of user files
Description
Ransomware generally changes the extension on encrypted files.
Tags
-
Deletes itself
-
Drops desktop.ini file(s)
-
Modifies service
Tags
TTPs
Related Tasks
MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Tasks