Overview

overview

10

Static

static

10

e435a95489...in.exe

windows7_x64

10

e435a95489...in.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e435a95489a4ebdfdc12031091f92a7f9c5e3f6cc9b55355ee4030d82553e9ac.bin

  • Size

    46KB

  • Sample

    210512-mdbasw81bx

  • MD5

    2f512bcf9d5fb1930365ecde38f683dc

  • SHA1

    9825ae4ae7c65a4fa622478b60659e1992e7f725

  • SHA256

    e435a95489a4ebdfdc12031091f92a7f9c5e3f6cc9b55355ee4030d82553e9ac

  • SHA512

    7819106e25732fe76858d1f4561e7851caee35bd9f10b5b392521fa0f596eb37c174ebbfd959cd5f675d09fa9d4c4325b0f09e9d7d36d8d140a9a0ee6f22beee

Score
10/10
mountlockerransomware

Malware Config

Targets

    • Target

      e435a95489a4ebdfdc12031091f92a7f9c5e3f6cc9b55355ee4030d82553e9ac.bin

    • Size

      46KB

    • MD5

      2f512bcf9d5fb1930365ecde38f683dc

    • SHA1

      9825ae4ae7c65a4fa622478b60659e1992e7f725

    • SHA256

      e435a95489a4ebdfdc12031091f92a7f9c5e3f6cc9b55355ee4030d82553e9ac

    • SHA512

      7819106e25732fe76858d1f4561e7851caee35bd9f10b5b392521fa0f596eb37c174ebbfd959cd5f675d09fa9d4c4325b0f09e9d7d36d8d140a9a0ee6f22beee

    Score
    10/10
    mountlockerransomware

    • MountLocker Ransomware

      Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.

      ransomwaremountlocker

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

      ransomware

    • Deletes itself

    • Drops desktop.ini file(s)

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks