Malware Analysis – zeppelin – 8090cb9a98392d753116e30e0be9f25a

Malware Analysis

Score: 10

  • MALWARE FAMILY: zeppelin
  • TAGS:family:zeppelin, persistence, ransomware
  • MD5: 8090cb9a98392d753116e30e0be9f25a
  • SHA1: 1f45a5e3dc88e363fd6ff83d52a6a2e4ddd8951f
  • ANALYSIS DATE: 2022-12-08T10:56:45Z
  • TTPS: T1060, T1112, T1082, T1012, T1120, T1107, T1490

ScoreMeaningExample
10Known badA malware family was detected.
8-9Likely maliciousOne or more known damaging malware attack patterns were detected.

Examples:
The deleting of shadow copies on Windows.
6-7Shows suspicious behaviourOne or more suspicious actions were detected. The detected actions can be malicious but also have (common) benign uses.

Examples:
Changing file permissions.
Anti-VM behaviour/trying to detect a VM.
2-5Likely benignOne or more interesting behaviours were detected. The detected actions are interesting enough to be notified about but are not directly malicious.
1No (potentially) malicious behaviour was detected.N/A