ouroboros | 572e3a4d8e295b5f68e58b3192ccf07e99487e3bf38f1abc78fda7a116956b23 | Triage

Submit
Reports

Overview

overview

Static

static

5

SecuriteIn...25.elf

ubuntu-24.04-amd64

Sharing

General

Target

SecuriteInfo.com.Linux.Siggen.9999.31454.15725.elf
Size

31KB
Sample

240924-qn18xszejg
MD5

fe87a628585f16cfe0531eeccb7480bc
SHA1

a825b5d4ec95ed330a87f0dd0948180dd84e3829
SHA256

572e3a4d8e295b5f68e58b3192ccf07e99487e3bf38f1abc78fda7a116956b23
SHA512

5877ecc2110200f73c1829dd5a2cfe3fdefc7c06928aeb2e5fc6642855a0ebc3227a9c9e81b9740c52d8f1b034521a7769c5a0e26c68fe489ddaef02c07c46a7
SSDEEP

768:aLAZrNTx7XJMsPJonYxstNGmlVhzQlz5QwGElXC3r5JNzw5WcHI:xhTRXKUJonYxYlVhsV5yy0Ss

Score

10^/10

ouroboros discovery linux ransomware rootkit upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

SecuriteInfo.com.Linux.Siggen.9999.31454.15725.elf

Resource

ubuntu2404-amd64-20240523-en

ouroboros discovery ransomware rootkit

ubuntu-24.04-amd64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  SecuriteInfo.com.Linux.Siggen.9999.31454.15725.elf
- Size
  
  31KB
- MD5
  
  fe87a628585f16cfe0531eeccb7480bc
- SHA1
  
  a825b5d4ec95ed330a87f0dd0948180dd84e3829
- SHA256
  
  572e3a4d8e295b5f68e58b3192ccf07e99487e3bf38f1abc78fda7a116956b23
- SHA512
  
  5877ecc2110200f73c1829dd5a2cfe3fdefc7c06928aeb2e5fc6642855a0ebc3227a9c9e81b9740c52d8f1b034521a7769c5a0e26c68fe489ddaef02c07c46a7
- SSDEEP
  
  768:aLAZrNTx7XJMsPJonYxstNGmlVhzQlz5QwGElXC3r5JNzw5WcHI:xhTRXKUJonYxYlVhsV5yy0Ss
Score

10^/10

ouroboros discovery ransomware rootkit
- Ouroboros/Zeropadypt
  Ransomware family based on open-source CryptoWire.
  ransomware ouroboros
- Contacts a large (354638) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ouroborosdiscoveryransomwarerootkit

© 2018-2024

Terms | Privacy