Extracted

• • Target

    d4eb2a62ee12659fab50fbf927a6e9ab

  • Size

    23KB

  • MD5

    d4eb2a62ee12659fab50fbf927a6e9ab

  • SHA1

    529f9e09d02a107d6b50387c976b1209229545aa

  • SHA256

    db4b65445f8a7d1f8827e510affccf6a1fd557daf81b49b50b93beea759153f8

  • SHA512

    2ddd79445b40cb8f8ec5874b0ce2842bc0d6a5045b3d5d35efa7130b3fc88c6c8482499ee2ab6d24919556b69790758469934fae943f0058d1e13a3a11511a9e

  • SSDEEP

    384:oOgHs6cYgBznHTQliJYcxr91CnWzwnbJ/yS:oOgHs7hznzQl2Y4r9FwnbwS

  Score

  10^/10

  chaosransomware

  • Chaos

    Ransomware family first seen in June 2021.

    ransomwarechaos

  • Chaos Ransomware

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Drops startup file

  • Executes dropped EXE

  • Drops desktop.ini file(s)

  behavioral1behavioral2