General

  • Target

    30050b3673c720729cd6a61803059b16dd3aa526683e7342aae0261e4c78fa83.bin

  • Size

    112KB

  • Sample

    210512-3jy729gere

  • MD5

    ce3969ab935f0f5b1301cd70d2e59696

  • SHA1

    e70d3341a6e2cc8ae0f140075837ceac4453b947

  • SHA256

    30050b3673c720729cd6a61803059b16dd3aa526683e7342aae0261e4c78fa83

  • SHA512

    20998be53a994d7adab2b71bafccec1eeb93e356965582161fa1fccea023fbf62b0145adf5e0621118f00a4ea12a71fbb5de2fdd129d92879502a5a3da019a36

Targets

    Score
    10/10
    • Detected Mount Locker ransomware

    • MountLocker Ransomware

      Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
