General

  • Target

    f570d5b17671e6f3e56eae6ad87be3a6bbfac46c677e478618afd9f59bf35963.bin

  • Size

    94KB

  • Sample

    210512-wptae9m14x

  • MD5

    e7fde51fc294e7365618a72ac50cb1a4

  • SHA1

    23c4fe41acb2114b3a1b07e3c8ef1814c6cf4175

  • SHA256

    f570d5b17671e6f3e56eae6ad87be3a6bbfac46c677e478618afd9f59bf35963

  • SHA512

    02d6facd15ae597f285ad89be8581d0ba55a341b55e570469ab4b8cd4786bb912dd033c969dbbee583e9f9baf8758d5d96c7d92f7592649fb92607bc514f0446

Targets

    • MountLocker Ransomware

      Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
