chaos | b03d1cb5b7a1f632e83f557a6a5e993bb40b81b1e2dbf3383ead13782b0aef27

General

Target

b03d1cb5b7a1f632e83f557a6a5e993bb40b81b1e2dbf3383ead13782b0aef27
Size

102KB
MD5

e29555fabb15cc6cd98e6ac846554d19
SHA1

fec74e4b2ea24575778bc848268f67344f56bb00
SHA256

b03d1cb5b7a1f632e83f557a6a5e993bb40b81b1e2dbf3383ead13782b0aef27
SHA512

082cea2c06206d83e3c92db41a952aed394b304eed867ef17b0bfdce169109d45dc39ec5a0aebbb04e9cfcc20b7df83016e1d37b0dd4bd9b1b64758a145375ad
SSDEEP

3072:qPxMnA2+lXMqRq6mlaRXtTlrT7443qhAgX5CuxJj7qK:W2nAtHQlSl74VAgXXGK

Score

10^/10

chaos

Chaos Ransomware 1 IoCs

resource	yara_rule
static1/unpack001/3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac.exe	family_chaos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac.exe

b03d1cb5b7a1f632e83f557a6a5e993bb40b81b1e2dbf3383ead13782b0aef27
.zip

Password: infected
3ea6df18492d21811421659c4cf9b88e64c316f2bef8a19766b0c79012476cac.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ