General

  • Target

    mountlocker.zip

  • Size

    24KB

  • Sample

    210719-5lrnxvgze2

  • MD5

    e675db198b6396839c0c4baa6dc6a5c7

  • SHA1

    4a8dd234de0c13eb7b5fcbf8b3eaac903398793a

  • SHA256

    1906d011f27492072b8f063e136ccf12b14a7a79b6630953ca3f0b955a07a874

  • SHA512

    c9cd5529fd08c05521332a0686c8633c817f398691076e640c14581e30a2cfee61d916b1c9ca80025b4578aa135ede351ea3d27402d287ef85dbd6c264fa16f9

Score
10/10

Targets

    • Target

      4a5ac3c6f8383cc33c795804ba5f7f5553c029bbb4a6d28f1e4d8fb5107902c1

    • Size

      66KB

    • MD5

      3808f21e56dede99bc914d90aeabe47a

    • SHA1

      93cc73149d4bb34830a2cb2a3047e9267b9e3080

    • SHA256

      4a5ac3c6f8383cc33c795804ba5f7f5553c029bbb4a6d28f1e4d8fb5107902c1

    • SHA512

      4ae55145cca3a6f1ed3feff5b2bd38121e37c4cc528e08d5de771bcc4855994560bfc8c22898d73c5b259e37d2dc803615b8f6ec859e53918bd7a1ffee9316b3

    Score
    10/10
    • MountLocker Ransomware

      Ransomware family first seen in late 2020, which threatens to leak files if ransom is not paid.

    • Modifies extensions of user files

      Ransomware generally changes the extension on encrypted files.

    • Deletes itself

    • Drops desktop.ini file(s)
