Overview

overview

9

Static

static

3

xxstrings64-Ocean.exe

windows7-x64

9

xxstrings64-Ocean.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    xxstrings64-Ocean.exe

  • Size

    14KB

  • Sample

    240327-yrfqdsah36

  • MD5

    be257efe41e333ea9c5afa670132d68e

  • SHA1

    bdfc3148cf02923cf6be2bac87883a8738f6b841

  • SHA256

    f0bbdff4dd759ca043bebf7e6fb43a323c0f9e2d954530bd5477e99fec6031ca

  • SHA512

    37cb5a4606e0f2fe7c9dcb341ce311b166b20a797281c6c9e4e81d5198c15771fdc9625b6854d6ae54cada1662c6be1954808f5addf060e5c00be2fd14ba470b

  • SSDEEP

    192:8uQsD4LKYBQFDq7ZQlK6ee2Dv/VTBmrq4/asaOIV27H3Q5tfMcpUK:IsD43BQFDq7ZhZDv/RYx38U

Score
9/10
evasionpersistenceransomware

Malware Config

Targets

    • Target

      xxstrings64-Ocean.exe

    • Size

      14KB

    • MD5

      be257efe41e333ea9c5afa670132d68e

    • SHA1

      bdfc3148cf02923cf6be2bac87883a8738f6b841

    • SHA256

      f0bbdff4dd759ca043bebf7e6fb43a323c0f9e2d954530bd5477e99fec6031ca

    • SHA512

      37cb5a4606e0f2fe7c9dcb341ce311b166b20a797281c6c9e4e81d5198c15771fdc9625b6854d6ae54cada1662c6be1954808f5addf060e5c00be2fd14ba470b

    • SSDEEP

      192:8uQsD4LKYBQFDq7ZQlK6ee2Dv/VTBmrq4/asaOIV27H3Q5tfMcpUK:IsD43BQFDq7ZhZDv/RYx38U

    Score
    9/10
    evasionpersistenceransomware

    • Clears Windows event logs

      evasionransomware

    • Modifies Installed Components in the registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks