General
-
Target
Version 6.8.exe
-
Size
1.3MB
-
Sample
240314-x6hymach5w
-
MD5
5b5065f49718bd167911f12eec35a942
-
SHA1
fe005ea9e2e572c79e881e1c57a21585a9577841
-
SHA256
4265e1f20a3443c5d9401bc2a27d4014ae75c931d60dcd87124e9d01a943a66e
-
SHA512
e33adb710d12380b8cb00c2092ab43f7eb7d2488d07ddee5fba360c0858f8113a008d99780a4da6f35fccc81b3a18058a266481714c8040d57041923d35ab9bb
-
SSDEEP
24576:a67Q2xXDBqBdEa+rfhtb5VUkxD/eL+wP+wJtXJtZW6N9VgWVB:aYQ2xXDBUdGNr5xD/SPpXtWiHgmB
Static task
static1
Behavioral task
behavioral1
Sample
Version 6.8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Version 6.8.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
Version 6.8.exe
-
Size
1.3MB
-
MD5
5b5065f49718bd167911f12eec35a942
-
SHA1
fe005ea9e2e572c79e881e1c57a21585a9577841
-
SHA256
4265e1f20a3443c5d9401bc2a27d4014ae75c931d60dcd87124e9d01a943a66e
-
SHA512
e33adb710d12380b8cb00c2092ab43f7eb7d2488d07ddee5fba360c0858f8113a008d99780a4da6f35fccc81b3a18058a266481714c8040d57041923d35ab9bb
-
SSDEEP
24576:a67Q2xXDBqBdEa+rfhtb5VUkxD/eL+wP+wJtXJtZW6N9VgWVB:aYQ2xXDBUdGNr5xD/SPpXtWiHgmB
Score10/10-
Chaos Ransomware
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-