Malware Analysis – zeppelin – 8090cb9a98392d753116e30e0be9f25a

December 8, 2022

Malware Analysis

Score: 10

  • MALWARE FAMILY: zeppelin
  • TAGS:family:zeppelin, persistence, ransomware
  • MD5: 8090cb9a98392d753116e30e0be9f25a
  • SHA1: 1f45a5e3dc88e363fd6ff83d52a6a2e4ddd8951f
  • ANALYSIS DATE: 2022-12-08T10:56:45Z
  • TTPS: T1060, T1112, T1082, T1012, T1120, T1107, T1490

ScoreMeaningExample
10Known badA malware family was detected.
8-9Likely maliciousOne or more known damaging malware attack patterns were detected.

Examples:
The deleting of shadow copies on Windows.
6-7Shows suspicious behaviourOne or more suspicious actions were detected. The detected actions can be malicious but also have (common) benign uses.

Examples:
Changing file permissions.
Anti-VM behaviour/trying to detect a VM.
2-5Likely benignOne or more interesting behaviours were detected. The detected actions are interesting enough to be notified about but are not directly malicious.
1No (potentially) malicious behaviour was detected.N/A
Tags: , , ,

You may have missed

cybersecurity

“Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps

May 2, 2024
gophish

GoPhish Login Page Detected – 13[.]36[.]169[.]174:3333

May 2, 2024
gophish

GoPhish Login Page Detected – 142[.]132[.]171[.]73:443

May 2, 2024
gophish

GoPhish Login Page Detected – 164[.]132[.]224[.]193:3333

May 2, 2024
image 1

8 Base Ransomware Victim: YRW Limited – Chartered Accountants

May 2, 2024