ouroboros | 46afbb780469fd2a5819a9d9ab9d30d2a0d463ff02e6638790624cf326e68b56 | Triage

Submit
Reports

Overview

overview

Static

static

46afbb7804...56.exe

windows7_x64

46afbb7804...56.exe

windows10-2004_x64

Sharing

General

Target

46afbb780469fd2a5819a9d9ab9d30d2a0d463ff02e6638790624cf326e68b56
Size

997KB
Sample

220212-avqg1aeag2
MD5

feb72e2081db664d7539b81060261a28
SHA1

357c7a47208fb8feddb54d50b8600be7cb075f1f
SHA256

46afbb780469fd2a5819a9d9ab9d30d2a0d463ff02e6638790624cf326e68b56
SHA512

ac8cd678fd39259a150c2d4ac88143197553acd1e91d98dfee3eefd655818e176888433363dfc49189c7c10c76b888c56684a993a782ae9222adc4ef95e7107a

Score

10^/10

ouroboros evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

46afbb780469fd2a5819a9d9ab9d30d2a0d463ff02e6638790624cf326e68b56.exe

Resource

win7-en-20211208

ouroboros evasion ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

46afbb780469fd2a5819a9d9ab9d30d2a0d463ff02e6638790624cf326e68b56.exe

Resource

win10v2004-en-20220112

ouroboros evasion ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  46afbb780469fd2a5819a9d9ab9d30d2a0d463ff02e6638790624cf326e68b56
- Size
  
  997KB
- MD5
  
  feb72e2081db664d7539b81060261a28
- SHA1
  
  357c7a47208fb8feddb54d50b8600be7cb075f1f
- SHA256
  
  46afbb780469fd2a5819a9d9ab9d30d2a0d463ff02e6638790624cf326e68b56
- SHA512
  
  ac8cd678fd39259a150c2d4ac88143197553acd1e91d98dfee3eefd655818e176888433363dfc49189c7c10c76b888c56684a993a782ae9222adc4ef95e7107a
Score

10^/10

ouroboros evasion ransomware
- Ouroboros/Zeropadypt
  Ransomware family based on open-source CryptoWire.
  ransomware ouroboros
- Modifies Windows Firewall
  evasion
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ouroborosevasionransomware

behavioral2

ouroborosevasionransomware

© 2018-2024

Terms | Privacy