Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2024-08-08_c248b466ec914b5892c99131c0b00d3f_chaos_destroyer_wannacry
-
Size
22KB
-
Sample
240808-f5w1estemg
-
MD5
c248b466ec914b5892c99131c0b00d3f
-
SHA1
9a4df85296968bfa61df9903729b377f2432476d
-
SHA256
0d5e5b7e35e3d30e479dd1a2a06377d376661c83f92ae95efb48ac910fb2307b
-
SHA512
6927e61352bffab6182ea9212948d0529b385a4933c2849dec25153eac2e97f0938aaad0b5eda3483af738079521bec986b20f4f65f309bf24e0109d6bd58ab2
-
SSDEEP
384:b3MLWHn3kI3fcSxlR2Wp5x4+CPJ4r91Czxb50eW:Hn3kIE69pf4+G4r9ixb+eW
Behavioral task
behavioral1
Sample
2024-08-08_c248b466ec914b5892c99131c0b00d3f_chaos_destroyer_wannacry.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2024-08-08_c248b466ec914b5892c99131c0b00d3f_chaos_destroyer_wannacry.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
C:\Users\Admin\Desktop\read_it.txt
chaos
Targets
-
-
Target
2024-08-08_c248b466ec914b5892c99131c0b00d3f_chaos_destroyer_wannacry
-
Size
22KB
-
MD5
c248b466ec914b5892c99131c0b00d3f
-
SHA1
9a4df85296968bfa61df9903729b377f2432476d
-
SHA256
0d5e5b7e35e3d30e479dd1a2a06377d376661c83f92ae95efb48ac910fb2307b
-
SHA512
6927e61352bffab6182ea9212948d0529b385a4933c2849dec25153eac2e97f0938aaad0b5eda3483af738079521bec986b20f4f65f309bf24e0109d6bd58ab2
-
SSDEEP
384:b3MLWHn3kI3fcSxlR2Wp5x4+CPJ4r91Czxb50eW:Hn3kIE69pf4+G4r9ixb+eW
Score10/10-
Chaos Ransomware
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-