mountlocker | 0aa8099c5a65062ba4baec8274e1a0650ff36e757a91312e1755fded50a79d47 | Triage

Submit
Reports

Overview

overview

Static

static

0aa8099c5a...in.exe

windows7_x64

0aa8099c5a...in.exe

windows10_x64

Sharing

General

Target

0aa8099c5a65062ba4baec8274e1a0650ff36e757a91312e1755fded50a79d47.bin
Size

94KB
Sample

210512-y5qvr9c8gx
MD5

b63a8bfdf7df9f9dd8c3bedb99b6f8ff
SHA1

9e61b0960ac40452067720e8839b71ef10c05949
SHA256

0aa8099c5a65062ba4baec8274e1a0650ff36e757a91312e1755fded50a79d47
SHA512

8a1ae8c6fde917e6a53f33a13cef8065a90a6b31a84f4b8effbd1527ad1769d4712e37e31e65594aaea35d4bad80a0c0499404e8267c305500f8ed4ce5fa304b

Score

10^/10

mountlocker ransomware spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

0aa8099c5a65062ba4baec8274e1a0650ff36e757a91312e1755fded50a79d47.bin.exe

Resource

win7v20210410

mountlocker ransomware spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0aa8099c5a65062ba4baec8274e1a0650ff36e757a91312e1755fded50a79d47.bin.exe

Resource

win10v20210410

mountlocker ransomware spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0aa8099c5a65062ba4baec8274e1a0650ff36e757a91312e1755fded50a79d47.bin
- Size
  
  94KB
- MD5
  
  b63a8bfdf7df9f9dd8c3bedb99b6f8ff
- SHA1
  
  9e61b0960ac40452067720e8839b71ef10c05949
- SHA256
  
  0aa8099c5a65062ba4baec8274e1a0650ff36e757a91312e1755fded50a79d47
- SHA512
  
  8a1ae8c6fde917e6a53f33a13cef8065a90a6b31a84f4b8effbd1527ad1769d4712e37e31e65594aaea35d4bad80a0c0499404e8267c305500f8ed4ce5fa304b
Score

10^/10

mountlocker ransomware spyware stealer
- MountLocker Ransomware
  Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.
  ransomware mountlocker
- Deletes shadow copies
  Ransomware often targets backup files to inhibit system recovery.
  ransomware
- Modifies extensions of user files
  Ransomware generally changes the extension on encrypted files.
  ransomware
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Privilege Escalation

Defense Evasion

File Deletion

Hidden Files and Directories

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Inhibit System Recovery

Tasks

static1

behavioral1

mountlockerransomwarespywarestealer

behavioral2

mountlockerransomwarespywarestealer

© 2018-2024

Terms | Privacy