chaos | 275856a4945996b6b6c211a0835ac1443549d76ebed9eb0e7b9a7711d44fe49b

General

Target

275856a4945996b6b6c211a0835ac1443549d76ebed9eb0e7b9a7711d44fe49b
Size

328KB
MD5

2f277a05a52730c2da5004994fd681fd
SHA1

873cb00c1964f35c34d6057e2659ff1274d3f567
SHA256

275856a4945996b6b6c211a0835ac1443549d76ebed9eb0e7b9a7711d44fe49b
SHA512

dec2de0fb7ba9221ea9c9f5c8f1716e4a335c8f2e79e187b22b65d5e768dae68addfe0b75648537b236c1785c3c247ea3fcbad4910768508a0fda052b9c86046
SSDEEP

6144:xh/Q6vyDfgvD0lonbWjcQJOH9LjZZCBcWe5qXVUis4AbSQvhtt8:xhY6OgvtyOLfCJe5qXii7Ajht+

Score

10^/10

chaos

Chaos Ransomware 1 IoCs

resource	yara_rule
static1/unpack001/923dddc478a17d0adf0c86d1b5eb709ea4b48114cbb2c0e72052bd69caae95b2	family_chaos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/923dddc478a17d0adf0c86d1b5eb709ea4b48114cbb2c0e72052bd69caae95b2

275856a4945996b6b6c211a0835ac1443549d76ebed9eb0e7b9a7711d44fe49b
.zip

Password: infected
923dddc478a17d0adf0c86d1b5eb709ea4b48114cbb2c0e72052bd69caae95b2
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 710KB - Virtual size: 710KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ