quantum | 85afbb88525daf50e9256d24a98bae57f78f7c6ca8e5724820a460a5e9bd12b7 | Triage

Sharing

General

Target

nount.exe.bin
Size

75KB
Sample

250105-svm1zszngm
MD5

41ba799c4931f0877d80a623ff9a3192
SHA1

645ab2435541255106e0fbb8175a22bb7379836d
SHA256

85afbb88525daf50e9256d24a98bae57f78f7c6ca8e5724820a460a5e9bd12b7
SHA512

b2b55030993075280e6cea642569e8f11c0d835566a66dc397b5549abf7e389a6bf5f8123ebb9a32145867b8031e32a72a9e577f2854e157482c7312ad73102d
SSDEEP

1536:9aX51pVH9hsgNGLs6BLM1frxz/HTfcKKBaJGEeoSawY:OfJGLs6BwNxnfTKsGkSar

Score

10^/10

quantum ransomware

Malware Config

Targets

- Target
  
  nount.exe.bin
- Size
  
  75KB
- MD5
  
  41ba799c4931f0877d80a623ff9a3192
- SHA1
  
  645ab2435541255106e0fbb8175a22bb7379836d
- SHA256
  
  85afbb88525daf50e9256d24a98bae57f78f7c6ca8e5724820a460a5e9bd12b7
- SHA512
  
  b2b55030993075280e6cea642569e8f11c0d835566a66dc397b5549abf7e389a6bf5f8123ebb9a32145867b8031e32a72a9e577f2854e157482c7312ad73102d
- SSDEEP
  
  1536:9aX51pVH9hsgNGLs6BLM1frxz/HTfcKKBaJGEeoSawY:OfJGLs6BwNxnfTKsGkSar
Score

10^/10

quantum ransomware
- Quantum Ransomware
  A rebrand of the MountLocker ransomware first seen in August 2021.
  ransomware quantum
- Quantum family
  quantum
- Deletes itself
- Drops desktop.ini file(s)
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

quantumransomware

behavioral2

quantumransomware