chaos | Drake[.]exe | Triage

Resubmissions

05-08-2024 04:53

240805-fh2x6a1enf 10

04-08-2024 21:27

240804-1axzfswgqk 10

Sharing

General

Target

Drake.exe
Size

497KB
MD5

ab8c3898f405f749d76f1f4d0b2edea7
SHA1

cd84e0d07ba9d0bb0533f22d769aa89c57df65ed
SHA256

053406e3796af92592f6af6ab78ce2372f9521b3c9286314274bf85ce4221ba8
SHA512

339e09fdc912f84c47f7243a1caecbaf4139e1e0643726a03f1f4c80c217d74bdff01bd5a6c6ef4b725992fc1b5961420400e6d67b3e47498c31dd909fb44c2f
SSDEEP

6144:yHr9B5aj/BXUAHi8tbQxBDVC8NfjPiU0Ci/d+EmlXZCW+WWWpw4X3KSahv:Oaj/BXUA3tcbeU9CW+WWWZov

Score

10^/10

chaos

Malware Config

Signatures

Chaos Ransomware 1 IoCs

resource	yara_rule
sample	family_chaos

Chaos family
chaos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Drake.exe

Files

Drake.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ