ouroboros | bb51eef3e46dc4ebf041dd7ac6e717d36eea57ca3acc88efad65fa3cb06081ee | Triage

Submit
Reports

Overview

overview

Static

static

bb51eef3e4...ee.exe

windows7_x64

bb51eef3e4...ee.exe

windows10-2004_x64

Sharing

General

Target

bb51eef3e46dc4ebf041dd7ac6e717d36eea57ca3acc88efad65fa3cb06081ee
Size

994KB
Sample

220212-ap29lsfedq
MD5

043051032c01d2d5e7dc0a180eab52f0
SHA1

6a708fc95a1b0d0f60b5674b652e27b52db2fbbd
SHA256

bb51eef3e46dc4ebf041dd7ac6e717d36eea57ca3acc88efad65fa3cb06081ee
SHA512

754d42a6600cfd11999b7e7a2cd771c62e42d8cd581a621cae764c245cc68af1b56c554704ea81cb0b17059bf94bf0a17798e14f26732840cb74a74a390b2537

Score

10^/10

ouroboros evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

bb51eef3e46dc4ebf041dd7ac6e717d36eea57ca3acc88efad65fa3cb06081ee.exe

Resource

win7-en-20211208

ouroboros evasion ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bb51eef3e46dc4ebf041dd7ac6e717d36eea57ca3acc88efad65fa3cb06081ee.exe

Resource

win10v2004-en-20220113

ouroboros evasion ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bb51eef3e46dc4ebf041dd7ac6e717d36eea57ca3acc88efad65fa3cb06081ee
- Size
  
  994KB
- MD5
  
  043051032c01d2d5e7dc0a180eab52f0
- SHA1
  
  6a708fc95a1b0d0f60b5674b652e27b52db2fbbd
- SHA256
  
  bb51eef3e46dc4ebf041dd7ac6e717d36eea57ca3acc88efad65fa3cb06081ee
- SHA512
  
  754d42a6600cfd11999b7e7a2cd771c62e42d8cd581a621cae764c245cc68af1b56c554704ea81cb0b17059bf94bf0a17798e14f26732840cb74a74a390b2537
Score

10^/10

ouroboros evasion ransomware
- Ouroboros/Zeropadypt
  Ransomware family based on open-source CryptoWire.
  ransomware ouroboros
- Modifies Windows Firewall
  evasion
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ouroborosevasionransomware

behavioral2

ouroborosevasionransomware

© 2018-2024

Terms | Privacy