chaos | chaosgate[.]zip | Triage

Sharing

General

Target

chaosgate.zip
Size

146KB
MD5

da2a03719064154d95a16085ae5b642f
SHA1

529a9376101a05298d027fa82b07f25d225c2abd
SHA256

3e044ab5ff896fbe79fdb0064c5be49986fe22c43692dcd0e3da6f1500440860
SHA512

c8ed8f339b94b87990516d7c32948cf6630d482c1aab4b1ebac5293c3c155695a24732144e7bc885049ebfd1658a5c50878d5fd47cfa2ecbeb97dbbc7488eb93
SSDEEP

3072:QpkeZAL7qzAZ946BRpu2qIap1CGjQSLQ0yLGa7SlXAw1j+nuvgrEzvQm:QpkeGPzdXjAQSTyHvwd+uvdzvf

Score

10^/10

chaos

Malware Config

Signatures

Chaos Ransomware 1 IoCs

resource	yara_rule
static1/unpack001/0a144c8c7a27b14415064cf3e8a031fa19b59970427c1d00b9bf4a129fc94c56.exe	family_chaos

Chaos family
chaos

Files

chaosgate.zip
.zip

Password: infected
0a144c8c7a27b14415064cf3e8a031fa19b59970427c1d00b9bf4a129fc94c56.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ