ouroboros | 94afdfe738467eae8094ba37281096fddffa7970a31a688c934c92dc0fac4eb1 | Triage

Submit
Reports

Overview

overview

Static

static

94afdfe738...b1.exe

windows7_x64

94afdfe738...b1.exe

windows10-2004_x64

Sharing

General

Target

94afdfe738467eae8094ba37281096fddffa7970a31a688c934c92dc0fac4eb1
Size

1.0MB
Sample

220212-ark34sfefj
MD5

4d4c7db3318f4c6e7988c0df757513bc
SHA1

5cba2c8b3cc9d78a5e3e95b7d5c0675c86834795
SHA256

94afdfe738467eae8094ba37281096fddffa7970a31a688c934c92dc0fac4eb1
SHA512

268639d6a7959828224e011587e293233d1282b4e23a03dec9832e5a3d74b9a01d99de19c8eab9c8618c79991adb81db6c34a93c67d87be6021167924401dca3

Score

10^/10

ouroboros ransomware

Static task

static1

Behavioral task

behavioral1

Sample

94afdfe738467eae8094ba37281096fddffa7970a31a688c934c92dc0fac4eb1.exe

Resource

win7-en-20211208

ouroboros ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

94afdfe738467eae8094ba37281096fddffa7970a31a688c934c92dc0fac4eb1.exe

Resource

win10v2004-en-20220113

ouroboros ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  94afdfe738467eae8094ba37281096fddffa7970a31a688c934c92dc0fac4eb1
- Size
  
  1.0MB
- MD5
  
  4d4c7db3318f4c6e7988c0df757513bc
- SHA1
  
  5cba2c8b3cc9d78a5e3e95b7d5c0675c86834795
- SHA256
  
  94afdfe738467eae8094ba37281096fddffa7970a31a688c934c92dc0fac4eb1
- SHA512
  
  268639d6a7959828224e011587e293233d1282b4e23a03dec9832e5a3d74b9a01d99de19c8eab9c8618c79991adb81db6c34a93c67d87be6021167924401dca3
Score

10^/10

ouroboros ransomware
- Ouroboros/Zeropadypt
  Ransomware family based on open-source CryptoWire.
  ransomware ouroboros
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

ouroborosransomware

behavioral2

ouroborosransomware

© 2018-2024

Terms | Privacy