General
-
Target
04b106b179c202c67361aa4debad5d82f79a1927ab0ab8abc2ef350d18894b08.exe
-
Size
39KB
-
Sample
231012-t14rcsbd9w
-
MD5
b1228ba24ca5f75f8df9d5d177e5bb2b
-
SHA1
1895758de51ccfefa40239aa11055540c8c5deb7
-
SHA256
04b106b179c202c67361aa4debad5d82f79a1927ab0ab8abc2ef350d18894b08
-
SHA512
7abc1df0089a1a00aadc11c33eecffb5d85258acc4eac0b261ceaea77e814eaf671506383fe0074fd5779b8bc58e0f48f0d15309aa81aecf27ecc6633da4c5a4
-
SSDEEP
768:hqo2khp1DlNjwQr9KWO4TOpkx7u/LraCvpbMC2mkek:ko2kFpNjwQr9KWODkx74L2CNf5k
Behavioral task
behavioral1
Sample
04b106b179c202c67361aa4debad5d82f79a1927ab0ab8abc2ef350d18894b08.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
04b106b179c202c67361aa4debad5d82f79a1927ab0ab8abc2ef350d18894b08.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
-
Target
04b106b179c202c67361aa4debad5d82f79a1927ab0ab8abc2ef350d18894b08.exe
-
Size
39KB
-
MD5
b1228ba24ca5f75f8df9d5d177e5bb2b
-
SHA1
1895758de51ccfefa40239aa11055540c8c5deb7
-
SHA256
04b106b179c202c67361aa4debad5d82f79a1927ab0ab8abc2ef350d18894b08
-
SHA512
7abc1df0089a1a00aadc11c33eecffb5d85258acc4eac0b261ceaea77e814eaf671506383fe0074fd5779b8bc58e0f48f0d15309aa81aecf27ecc6633da4c5a4
-
SSDEEP
768:hqo2khp1DlNjwQr9KWO4TOpkx7u/LraCvpbMC2mkek:ko2kFpNjwQr9KWODkx74L2CNf5k
Score10/10-
Chaos Ransomware
-
Modifies boot configuration data using bcdedit
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Sets desktop wallpaper using registry
-