ouroboros | 8dff91cfab0e19c504ff9e9f207ce1e4a4ca5ef8585513e008ffe02bca9075cc | Triage

Submit
Reports

Overview

overview

Static

static

8dff91cfab...cc.exe

windows7_x64

8dff91cfab...cc.exe

windows10-2004_x64

8

Sharing

General

Target

8dff91cfab0e19c504ff9e9f207ce1e4a4ca5ef8585513e008ffe02bca9075cc
Size

994KB
Sample

220212-artp9afefm
MD5

21a69dfb179a807024a0b8d5838c945c
SHA1

78e680ace5f3c0c226a12210f093f0c5b0e85542
SHA256

8dff91cfab0e19c504ff9e9f207ce1e4a4ca5ef8585513e008ffe02bca9075cc
SHA512

55567a6859f33f2d18a59136cd87458a9219eb9ef9585a305e08ea8f42508460b36b95ef3b5474d5e6eddd64e691cd45fbd9ccb755825a1e336815fe45a04c0a

Score

10^/10

ouroboros evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

8dff91cfab0e19c504ff9e9f207ce1e4a4ca5ef8585513e008ffe02bca9075cc.exe

Resource

win7-en-20211208

ouroboros evasion ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8dff91cfab0e19c504ff9e9f207ce1e4a4ca5ef8585513e008ffe02bca9075cc.exe

Resource

win10v2004-en-20220112

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  8dff91cfab0e19c504ff9e9f207ce1e4a4ca5ef8585513e008ffe02bca9075cc
- Size
  
  994KB
- MD5
  
  21a69dfb179a807024a0b8d5838c945c
- SHA1
  
  78e680ace5f3c0c226a12210f093f0c5b0e85542
- SHA256
  
  8dff91cfab0e19c504ff9e9f207ce1e4a4ca5ef8585513e008ffe02bca9075cc
- SHA512
  
  55567a6859f33f2d18a59136cd87458a9219eb9ef9585a305e08ea8f42508460b36b95ef3b5474d5e6eddd64e691cd45fbd9ccb755825a1e336815fe45a04c0a
Score

10^/10

ouroboros evasion ransomware
- Ouroboros/Zeropadypt
  Ransomware family based on open-source CryptoWire.
  ransomware ouroboros
- Modifies Windows Firewall
  evasion
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ouroborosevasionransomware

behavioral2

© 2018-2024

Terms | Privacy