ouroboros | 0822aba5ae3a202584bcf7289ea3fcac9b4108cd387e7688a2cf6a1d7691327c | Triage

Submit
Reports

Overview

overview

Static

static

0822aba5ae...7c.exe

windows7_x64

0822aba5ae...7c.exe

windows10-2004_x64

Sharing

General

Target

0822aba5ae3a202584bcf7289ea3fcac9b4108cd387e7688a2cf6a1d7691327c
Size

994KB
Sample

220212-axj31aeah2
MD5

59121158ef88411544355a5bf293297c
SHA1

636510582fb27d2a23da35eeb55ef577f52caf68
SHA256

0822aba5ae3a202584bcf7289ea3fcac9b4108cd387e7688a2cf6a1d7691327c
SHA512

fefbe9c3289f3cb410ddd8e742b3d27fba035827764aad47d304b9f0f23aef89a7215d85c6371c9900898b2b332b8b3a45a7fc117e33c43928f22b695609d4e2

Score

10^/10

ouroboros evasion ransomware

Static task

static1

Behavioral task

behavioral1

Sample

0822aba5ae3a202584bcf7289ea3fcac9b4108cd387e7688a2cf6a1d7691327c.exe

Resource

win7-en-20211208

ouroboros evasion ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0822aba5ae3a202584bcf7289ea3fcac9b4108cd387e7688a2cf6a1d7691327c.exe

Resource

win10v2004-en-20220113

ouroboros evasion ransomware

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0822aba5ae3a202584bcf7289ea3fcac9b4108cd387e7688a2cf6a1d7691327c
- Size
  
  994KB
- MD5
  
  59121158ef88411544355a5bf293297c
- SHA1
  
  636510582fb27d2a23da35eeb55ef577f52caf68
- SHA256
  
  0822aba5ae3a202584bcf7289ea3fcac9b4108cd387e7688a2cf6a1d7691327c
- SHA512
  
  fefbe9c3289f3cb410ddd8e742b3d27fba035827764aad47d304b9f0f23aef89a7215d85c6371c9900898b2b332b8b3a45a7fc117e33c43928f22b695609d4e2
Score

10^/10

ouroboros evasion ransomware
- Ouroboros/Zeropadypt
  Ransomware family based on open-source CryptoWire.
  ransomware ouroboros
- Modifies Windows Firewall
  evasion
- Drops desktop.ini file(s)
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ouroborosevasionransomware

behavioral2

ouroborosevasionransomware

© 2018-2024

Terms | Privacy