General
-
Target
https://malc0de.com/database/
-
Sample
240214-vfga1aga7x
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://malc0de.com/database/
Resource
win10v2004-20231215-en
windows10-2004-x64
18 signatures
150 seconds
Malware Config
Targets
-
-
Target
https://malc0de.com/database/
Score10/10-
Chimera
Ransomware which infects local and network files, often distributed via Dropbox links.
-
Chimera Ransomware Loader DLL
Drops/unpacks executable file which resembles Chimera's Loader.dll.
-
Renames multiple (353) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-