chaos | 37ca1cfa1f30b57408d3e855f98f9e5fd6900b23643bbc0c6163a875edf00b60_ransomware[.]exe

General

Target

37ca1cfa1f30b57408d3e855f98f9e5fd6900b23643bbc0c6163a875edf00b60_ransomware.exe
Size

381KB
MD5

51da0be6c48d01ce192a1f592198e71c
SHA1

042d7e877bf6b05a44ef8b8496ef8c26457d0206
SHA256

4bb109c322cbd7afdf806bc9bff5e3a57577651e3fd5abe673f2401674208bae
SHA512

38ee7cc2fedda673618f5e895d915dd5537dec09b6c245f602d65203b0effff124e6735ff2174a5e56a00f3fc45c018e4bd2b10fe912331d3c4e682e60005b2a
SSDEEP

6144:E3uLAnDUxGu8h7rONtdldo+SUSyCYuXuMKRGmTL4WyxKBbII+AEh+vzln22QZMt1:EqAnmJ8tr4trdXmyCYUubE4LPSK7EuBZ

Score

10^/10

chaos

Chaos Ransomware 1 IoCs

resource	yara_rule
static1/unpack001/Device/HarddiskVolume4/Users/Admin/Desktop/37ca1cfa1f30b57408d3e855f98f9e5fd6900b23643bbc0c6163a875edf00b60_ransomware.exe	family_chaos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume4/Users/Admin/Desktop/37ca1cfa1f30b57408d3e855f98f9e5fd6900b23643bbc0c6163a875edf00b60_ransomware.exe

37ca1cfa1f30b57408d3e855f98f9e5fd6900b23643bbc0c6163a875edf00b60_ransomware.exe
.zip

Password: YOIN=Tp689~u%u7n6|)x
Device/HarddiskVolume4/Users/Admin/Desktop/37ca1cfa1f30b57408d3e855f98f9e5fd6900b23643bbc0c6163a875edf00b60_ransomware.exe
.exe windows x86

Password: YOIN=Tp689~u%u7n6|)x

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 850KB - Virtual size: 850KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json