ouroboros | f048d645993b4b855dd76e5a5227b00bfa25e9a56c88b1a5c879d3cc8d0db42b | Triage

Submit
Reports

Overview

overview

Static

static

f048d64599...2b.exe

windows7_x64

f048d64599...2b.exe

windows10-2004_x64

Sharing

General

Target

f048d645993b4b855dd76e5a5227b00bfa25e9a56c88b1a5c879d3cc8d0db42b
Size

994KB
Sample

220212-ankceafecn
MD5

01dff1137a649d446b9468cfc2d57abb
SHA1

23f971f8a2feae189b1a6c715a196accb46a342b
SHA256

f048d645993b4b855dd76e5a5227b00bfa25e9a56c88b1a5c879d3cc8d0db42b
SHA512

3d4d3c5d7e3598a9a3d970d280d51b379eeeca43dc5f371f74e40963cfeb8cdd538de049de65d20caa4ee260eb7d461de2eba2718ff19425a493225d864b2ad0

Score

10^/10

ouroboros evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

f048d645993b4b855dd76e5a5227b00bfa25e9a56c88b1a5c879d3cc8d0db42b.exe

Resource

win7-en-20211208

ouroboros evasion ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f048d645993b4b855dd76e5a5227b00bfa25e9a56c88b1a5c879d3cc8d0db42b.exe

Resource

win10v2004-en-20220113

ouroboros evasion ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  f048d645993b4b855dd76e5a5227b00bfa25e9a56c88b1a5c879d3cc8d0db42b
- Size
  
  994KB
- MD5
  
  01dff1137a649d446b9468cfc2d57abb
- SHA1
  
  23f971f8a2feae189b1a6c715a196accb46a342b
- SHA256
  
  f048d645993b4b855dd76e5a5227b00bfa25e9a56c88b1a5c879d3cc8d0db42b
- SHA512
  
  3d4d3c5d7e3598a9a3d970d280d51b379eeeca43dc5f371f74e40963cfeb8cdd538de049de65d20caa4ee260eb7d461de2eba2718ff19425a493225d864b2ad0
Score

10^/10

ouroboros evasion ransomware
- Ouroboros/Zeropadypt
  Ransomware family based on open-source CryptoWire.
  ransomware ouroboros
- Modifies Windows Firewall
  evasion
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ouroborosevasionransomware

behavioral2

ouroborosevasionransomware

© 2018-2024

Terms | Privacy