mountlocker | 5eae13527d4e39059025c3e56dad966cf67476fe7830090e40c14d0a4046adf0 | Triage

Submit
Reports

Overview

overview

Static

static

5eae13527d...in.exe

windows7_x64

5eae13527d...in.exe

windows10_x64

Sharing

General

Target

5eae13527d4e39059025c3e56dad966cf67476fe7830090e40c14d0a4046adf0.bin
Size

94KB
Sample

210512-jmgl6ccxmj
MD5

0bc638d8c24a8dbd1c17bca989281624
SHA1

ce70c7d8c9c868a675d4002342af8d55e3053363
SHA256

5eae13527d4e39059025c3e56dad966cf67476fe7830090e40c14d0a4046adf0
SHA512

c1c64f60bcc578916469be59b451f13289a3a5e5431de52d335b5824e3b7cb18b2fe9ee6ea1924282974bd1eeb9ad85c1f37c34fc78f9b7a52ba98e454683450

Score

10^/10

mountlocker ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

5eae13527d4e39059025c3e56dad966cf67476fe7830090e40c14d0a4046adf0.bin.exe

Resource

win7v20210410

mountlocker ransomware spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5eae13527d4e39059025c3e56dad966cf67476fe7830090e40c14d0a4046adf0.bin.exe

Resource

win10v20210410

mountlocker ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  5eae13527d4e39059025c3e56dad966cf67476fe7830090e40c14d0a4046adf0.bin
- Size
  
  94KB
- MD5
  
  0bc638d8c24a8dbd1c17bca989281624
- SHA1
  
  ce70c7d8c9c868a675d4002342af8d55e3053363
- SHA256
  
  5eae13527d4e39059025c3e56dad966cf67476fe7830090e40c14d0a4046adf0
- SHA512
  
  c1c64f60bcc578916469be59b451f13289a3a5e5431de52d335b5824e3b7cb18b2fe9ee6ea1924282974bd1eeb9ad85c1f37c34fc78f9b7a52ba98e454683450
Score

10^/10

mountlocker ransomware spyware stealer
- MountLocker Ransomware
  Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.
  ransomware mountlocker
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File Deletion

Hidden Files and Directories

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

mountlockerransomwarespywarestealer

behavioral2

mountlockerransomwarespywarestealer

© 2018-2024

Terms | Privacy