General
-
Target
3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac.zip
-
Size
102KB
-
Sample
230816-dc9dyage8y
-
MD5
7da11b51e09501592212f269c98be376
-
SHA1
06cbb010769d62b398593b9ad394116ca9eec386
-
SHA256
609dccda39caf3155e50be35947da1e7101405e6a233ed9e35ad87761174f875
-
SHA512
466acebc22bdb01774611623a15e490329742cb41241423114ef1442f507634213a29c240742784f8beee7191a89f179d0919804653c46e472f661c64da586ba
-
SSDEEP
3072:PG0/C+Bg04WtBjrw9LFqUb6xxVYKgJ8DFnPa4FBH0akwEZ3DS:Tg05tBfwdFqk6+K1DFPlFBH3JOG
Behavioral task
behavioral1
Sample
3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac.exe
Resource
win10-20230703-en
Behavioral task
behavioral2
Sample
3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac.exe
-
Size
282KB
-
MD5
08c7ff3a65f703d12fc644b63dff19d5
-
SHA1
f38e8932f4c88c1fd801696267924c6767155028
-
SHA256
3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac
-
SHA512
367761edc864129ae074b503a12dc339255ae8cebeb21eb45c1e5083351cacfcb0cd0589e66f18c9b2769c73169305871c5dfe012d45aedb18fa1a866369b4bb
-
SSDEEP
3072:16biq9hBxqDhNiMLbfyU9+SHfZLoL9oic6VlQbuKGOQzEjQVnDnRM4n9gQ:1kiq9H8DLVLbf9r/ZLr6YbuC0hRZ9g
Score10/10-
Chaos Ransomware
-
Modifies boot configuration data using bcdedit
-
Disables Task Manager via registry modification
-
Drops startup file
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-