Get Started
Platform
Why SentinelOne?
Services
Partners
Resources
About
Pricing
Get Started
Back to Resources

SentinelOne Vs. Marlock Ransomware – Mitigation and Rollback

Video
SentinelOne Vs. Marlock Ransomware – Mitigation and Rollback

⚔️ See how SentinelOne mitigates and rolls back Marlock ransomware. Marlock was first seen in the wild in September of 2021 and is an apparent evolution of Medusa Locker and the various branches of that family. As currently analyzed, it’s functionally identical to recent samples of both Medusa and Huylock.

Upon infection, victims are instructed to connect to the attacker’s paymore portal (.onion) via TOR. Similar to its predecessors, it will attempt to shutdown / terminate any process which may stand in the way of the encryption process and will attempt to inhibit system recovery by deleting VSS / Shadowcopies (via WMIC)

Watch Now
Related Resources
Video
SentinelOne PartnerOne – America’s 2025
Video
Just a Sec: Cybersecurity Unfiltered—Fast, Frank, and From the Front Lines
Video
LABScon24 Replay | A Walking Red Flag (With Yellow Stars) | Cary & Benincasa
Video
LABScon24 Replay | Kryptina RaaS: From Unsellable Cast-off to Enterprise Ransomware | Jim Walter

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform harnesses the power of data and AI to protect your organization now and into the future.

Request a Demo