General

  • Target

    level.dat

  • Size

    8KB

  • Sample

    240319-sewm7aeg88

  • MD5

    d0d3095f818ff3f13607ddb23e4158e5

  • SHA1

    79a458c36f4375df44ebfca0329179c6304db9da

  • SHA256

    453035aa0f2f3ff9d71a9b43035e678e950d3a51decd3ba21e8d7b39c3238a9c

  • SHA512

    36b0c6a2ab63bcfd4f401098ce74169047fc9c970434d50f62db6b7bc0bde439e6349056b3a58527cd4b2dbb152b566b82174e2f3e8d62e89818841c0e3f635a

  • SSDEEP

    192:1rY/IEzX2sHnNhzWhgDTDGBBbjmnky9lpDe0fvFgpu6V:uX2ONhzWhgDTDaZjgkYlFROu6V

Score
10/10

Targets

    • Chaos

      Ransomware family first seen in June 2021.

    • Chaos Ransomware

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

    • Sets desktop wallpaper using registry
