General
Target: 30050b3673c720729cd6a61803059b16dd3aa526683e7342aae0261e4c78fa83.bin
Size: 112KB
Sample: 210512-3jy729gere
MD5: ce3969ab935f0f5b1301cd70d2e59696
SHA1: e70d3341a6e2cc8ae0f140075837ceac4453b947
SHA256: 30050b3673c720729cd6a61803059b16dd3aa526683e7342aae0261e4c78fa83
SHA512: 20998be53a994d7adab2b71bafccec1eeb93e356965582161fa1fccea023fbf62b0145adf5e0621118f00a4ea12a71fbb5de2fdd129d92879502a5a3da019a36
Static task: static1
Behavioral task: behavioral1
Sample: 30050b3673c720729cd6a61803059b16dd3aa526683e7342aae0261e4c78fa83.bin.msi
Resource: win7v20210410
Behavioral task: behavioral2
Sample: 30050b3673c720729cd6a61803059b16dd3aa526683e7342aae0261e4c78fa83.bin.msi
Resource: win10v20210410
Malware Config
Targets
Score: 10/10

Detected Mount Locker ransomware

MountLocker Ransomware
Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Loads dropped DLL

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.