Extracted

• • Target

    cracker.exe

  • Size

    23KB

  • MD5

    ee711be5ac7e4d382c21cb6cb3f9631b

  • SHA1

    df2ad2e13d1160a900e730eeec7adc6503891088

  • SHA256

    96954af5f3a422d26951296adeb8d9a2cae1ada61f63ee1a2c884a4ef938cf87

  • SHA512

    bbd714ecbe31a75dd6d661cbcc7926e5cf2b7e0858f3931dc8ddd42d7254849e1b9a942f9ccc1140bd9f376a0149f4d79f1ef2e21b5aa45173c6f87e53fc12e2

  • SSDEEP

    384:H3MLWHn3kI3fmIOyERMpOsbW+ATLJIr91Crxbo9deU:zn3kIYy6Mpzi9Ir9SxboveU

  Score

  10^/10

  chaosevasionransomwarespywarestealer

  • Chaos

    Ransomware family first seen in June 2021.

    ransomwarechaos

  • Chaos Ransomware

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies boot configuration data using bcdedit

    ransomwareevasion

  • Deletes backup catalog

    Uses wbadmin.exe to inhibit system recovery.

    ransomware

  • Drops startup file

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Drops desktop.ini file(s)

  behavioral1