chaos | 9dab6749bdeef4e92502efed4e21f46f8590b7534d01b93576a63f4ac1e77851[.]zip

General

Target

9dab6749bdeef4e92502efed4e21f46f8590b7534d01b93576a63f4ac1e77851.zip
Size

109KB
MD5

6c570c47d6434c06928e19321f5c92c7
SHA1

b2816d2299f75f13df720771a8520d0585c1690c
SHA256

257ef2f11110d6230d48d0bb2e32882a90320e67ba3dff3c0c249589ccb0cf5e
SHA512

193e1a28f9052b722fcc9bd42d9f6e2b142220dffcdf61bd4e0f2014a99a39fe8e430dba80092c38e7cfff3c1b0d6a7f32f5babaf5e0bab2b91abb336a6080c7
SSDEEP

1536:CP6Qe9P6hfvHvVkFOFO9h+vXxh2cebYcJzc1vQGmcYpzD1DRjpKcEccwhySJdr59:CPcR6hndkFmO7+vxTg1cvlYpDN6k46f

Score

10^/10

chaos

Chaos Ransomware 1 IoCs

resource	yara_rule
static1/unpack001/9dab6749bdeef4e92502efed4e21f46f8590b7534d01b93576a63f4ac1e77851.exe	family_chaos

9dab6749bdeef4e92502efed4e21f46f8590b7534d01b93576a63f4ac1e77851.zip
.zip

Password: infected
9dab6749bdeef4e92502efed4e21f46f8590b7534d01b93576a63f4ac1e77851.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ