chaos | 333333[.]exe | Triage

Sharing

General

Target

333333.exe
Size

29KB
MD5

df47134780d2ae126fec89f9f246d0e7
SHA1

25806ed7b5ba0284d1ac6858b0f49db39f834b16
SHA256

3f8db4913ef08a02254be20bd04543b55be72cb97f5de3cfd1d773c140abed2a
SHA512

388e220da35f134274bfbc68acb675eab70987fe422e9aa4d5cb581ac6db42a6695142f9d8e59edb12072dfce91c8b3183b360ab9b0669ab1678292e4465a98a
SSDEEP

384:s0JORJcf3Q3iPdxJODbzxqXIoyOVs91J4SYUcS+arWS:0JUJFxcX1q4t93bcGv

Score

10^/10

chaos

Malware Config

Signatures

Chaos Ransomware 1 IoCs

resource	yara_rule
sample	family_chaos

Chaos family
chaos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
333333.exe

Files

333333.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ