chaos | 0ee08bfc43f7656caffae0d94af08472[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ee08bfc43f7656caffae0d94af08472.bin
Size

191KB
MD5

40eb7be6113e2cf03792a43de722a074
SHA1

6a9b56d9ea24fbc6f8320f8ca1b6aeadf32f0386
SHA256

5439a2df0f614a2fee9676f53e9ca911fabcc08d58dc248f4e8db3e4f26aefbf
SHA512

00776d1a39a8e995ef2a2c8e02b946b1879e1909aa8674a232f25bd2bf3dcf464d9354a19456d67275507a30411c4a0be2a109dea3c978017ed986c863b159ae
SSDEEP

3072:f27GMat9uzO3RqGWm/lDoCEcCgsCLt6TV0Xfdt63+SMI3izBAUGIDsnTcfhlwyFn:fmGBtf3gm/lMfcC1CLmO+uSMBGUGIGcH

Score

10^/10

chaos

Malware Config

Signatures

Chaos Ransomware 1 IoCs

resource	yara_rule
static1/unpack001/b8de6f230c62e1a6480f2e8010229d185a7c2c6e3c7cc7c1cc338fc2be3f1253.exe	family_chaos

Chaos family
chaos

Files

0ee08bfc43f7656caffae0d94af08472.bin
.zip

Password: infected
b8de6f230c62e1a6480f2e8010229d185a7c2c6e3c7cc7c1cc338fc2be3f1253.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ