General
Target: chaosransomware.rar
Size: 50KB
Sample: 230823-j84ffsag87
MD5: 30b90c372b9b262b8eadeadfd6a055a7
SHA1: 148001e9f36c477659a87db2e6ab4b2e2d958ddd
SHA256: 76271709e49ce18d32e93367be15f730e7df9ebf534f6eeac27b3a1bed8fd864
SHA512: 839c3ce75ca1a7d5964f076da5c9bf839e8317270dd5119aaec03a0214015d2391700bc7bb26ae5137d2a9afe7b86ab9625adf85e5473492acf98e1ae7d323ec
SSDEEP: 1536:c97o3QP70O3UwP1M1hECnRpSFG/d0svE/7NPu0AgHAKMd:go3q3Uw9UE+RswJE/7LTHvMd
Behavioral task: behavioral1
Sample: warthundercrackfulltank.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: warthundercrackfulltank.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
C:\Users\Admin\Documents\read_it.txt
chaos
Targets
Target: warthundercrackfulltank.exe
Size: 23KB
MD5: b6201731829cbee98a7b14a6e68b74da
SHA1: bc6372ace858fbb796db93f282be970c5f7d752e
SHA256: e6d5a35ce0a4052a3f5404831f6a462acaf5ae06885d63b6d312c973447f508b
SHA512: c6220893a97797712bd5b4cacab980b1334c83649c2cf12d4ae50e3f1dab302af5f56ffbadf37a4e8bda93bc457d77f8db8d2f5e133bf4c6537b0775f5fab289
SSDEEP: 384:J3Mg/bqo2/cxtivp2+I+yLYLAJimr91CGP8xb5Qeu:bqo26tMpAcLoxr9lP8xbOeu
Score: 10/10
Chaos Ransomware
Modifies boot configuration data using bcdedit
Drops startup file
Executes dropped EXE
Drops desktop.ini file(s)