Unmasking MedusaLocker Ransomware
Common Information
Type | Value
UUID | 8beff31b-7cf6-45d1-8888-4af88f87b4f9
Fingerprint | fed571710ec6b249
Analysis status | DONE
Considered CTI value | 2
Text language |
Published | March 15, 2023, midnight
Added to db | Oct. 24, 2023, 1:27 p.m.
Last updated | Nov. 17, 2024, 6:56 p.m.
Headline | Alarming increase in MedusaLocker Ransomware Victims
Title | Unmasking MedusaLocker Ransomware
Detected Hints/Tags/Attributes | 97/4/65
Attributes
Type | Value | #Events | CTI Value
File | cmstp.exe | 47 |
File | svchost.exe | 1122 |
File | svhost.exe | 41 |
File | wxserver.exe | 11 |
File | sqlservr.exe | 119 |
File | sqlmangr.exe | 13 |
File | ragui.exe | 12 |
File | supervise.exe | 12 |
File | culture.exe | 13 |
File | rtvscan.exe | 28 |
File | defwatch.exe | 15 |
File | sqlbrowser.exe | 62 |
File | winword.exe | 323 |
File | qbw32.exe | 19 |
File | qbdbmgr.exe | 13 |
File | qbupdate.exe | 12 |
File | qbcfmonitorservice.exe | 9 |
File | axlbridge.exe | 12 |
File | qbidpservice.exe | 12 |
File | httpd.exe | 36 |
File | fdlauncher.exe | 18 |
File | msdtsrvr.exe | 11 |
File | tomcat6.exe | 15 |
File | java.exe | 87 |
File | 360se.exe | 17 |
File | 360doctor.exe | 14 |
File | wdswfsafe.exe | 11 |
File | fdhost.exe | 20 |
File | gdscan.exe | 18 |
File | zhudongfangyu.exe | 36 |
md5 | 3618b68d7db4614ec8d33b5052cc0e85 | 2 |
md5 | 28ec152fadc5119c31f1fc984735b324 | 2 |
md5 | d9fa435d704caebc54408e03227f0044 | 2 |
md5 | 2979ed84c4ca3deb2924bd1f26bf88bd | 2 |
md5 | 2316091f02153ac20dff768513aae1a4 | 2 |
md5 | e03fa1e0dd3dc0fb6960e76219ddf86c | 2 |
md5 | 168447d837fc71deeee9f6c15e22d4f4 | 2 |
md5 | 57ee7ef00e009c4048d78406b3dca5b7 | 2 |
md5 | aa82e62207615d2f227ce9a0e488b912 | 2 |
sha1 | 15177fbb65d707b308bac50f612b795494314001 | 2 |
sha1 | 48e24f5c2c7572ed29a0e58b02e596f0638bc1f6 | 2 |
sha1 | 0f36dff0f1beaf57d68b12fa0234853638c1c6f0 | 2 |
sha1 | 8f01f9112904389e0b53a25506ef69f99cc0fa1b | 2 |
sha1 | 6b7b1017b9313ab87fccf4ea08a427c1499b89dc | 2 |
sha1 | c92fd297256aa8d70607e33188b91442208aaeb3 | 2 |
sha1 | 80ad29680cb8cecf58d870ee675b155fc616097f | 2 |
sha1 | 81467ca16e87dfacd9c965f105fb5b30548f1ded | 2 |
sha1 | d9390b6c1478970a9e7b8a3fe854a42efdc582f6 | 2 |
sha256 | 1658a064cb5a5681eee7ea82f92a2b7a14f70268dda3fc7aad8a610434711a8f | 2 |
sha256 | 3e22df5e41df76a46ab360be05fe0ee5c336c84fd55db7763fe4e214dca194b4 | 2 |
sha256 | 8724e513ca2b4ce055bb846220e57c2ab622f296bf7a768393a701319d3eac70 | 2 |
sha256 | bcf49e8f493c9eff83d9bc891e91dc91777f02b4f176e44b20f9a2d651f20fc3 | 2 |
sha256 | 940bddbc6ef19b211f2022d61bf4d006969da11f9fe0beba98586e554dfcc741 | 2 |
sha256 | 0a758a922bdaacc08a84a62881eeb0f17075058ecf7329cbc10a9bfe1fba0814 | 2 |
sha256 | add2850732c42683ee92ba555bbffb88bf5a4eee7c51e24f15a898f2d5aff66b | 2 |
sha256 | e0221e692fa3476cb2d862c1aee07f3e87d83411ef9a534fdf8d20efbaee0394 | 2 |
sha256 | 79e009e12ba6d60665faf5bdd523d80f0fe6be28694914cf0fa64929b4052e67 | 2 |
MITRE ATT&CK Techniques | T1133 | 191 |
MITRE ATT&CK Techniques | T1566 | 409 |
MITRE ATT&CK Techniques | T1053.005 | 275 |
MITRE ATT&CK Techniques | T1548.002 | 86 |
MITRE ATT&CK Techniques | T1562.001 | 298 |
MITRE ATT&CK Techniques | T1135 | 176 |
MITRE ATT&CK Techniques | T1486 | 472 |
Windows Registry Key | HKEY_CURRENT_USER\SOFTWARE\MDSLK | 4 |