chaos | 028d8a0f2eefdc87bcfde1457470789c[.]bin | Triage

Sharing

General

Target

028d8a0f2eefdc87bcfde1457470789c.bin
Size

1.2MB
MD5

9073e7b7691076ad6e10095251c95b74
SHA1

8782beee1ecc5af445d382bd5de61b2dbbf6cb31
SHA256

2dfba8736422fd1f0d068c5729751cb63a648763ec6c333534bf9f4283c5bd3a
SHA512

75297e52b80650db02fed78c7cd73deeb7e87571b19efafbeecce949a9bf847bb6a23cc2c5942dc20ba513100d96a72133acabf1bd25cf4dab0a78f357342037
SSDEEP

24576:4oa2X/8O0WU05E82YKvkLvzI9hxx2qE9pPwyZZSRhFJzXnzydSZ:r8OlD5EzvkLvQl2l9pTZZSRhFlXed2

Score

10^/10

chaos

Malware Config

Signatures

Chaos Ransomware 1 IoCs

resource	yara_rule
static1/unpack001/a80908bcd96a8df6070eb9a9c83739c8d95c34d7d81b890bacda91bb05c53267.exe	family_chaos

Chaos family
chaos

Files

028d8a0f2eefdc87bcfde1457470789c.bin
.zip

Password: infected
a80908bcd96a8df6070eb9a9c83739c8d95c34d7d81b890bacda91bb05c53267.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ