chaos | 2024-08-22_28298b6df0cae8d9924855f4b8f30887_destroyer_wannacry | Triage

Sharing

General

Target

2024-08-22_28298b6df0cae8d9924855f4b8f30887_destroyer_wannacry
Size

99KB
MD5

28298b6df0cae8d9924855f4b8f30887
SHA1

a2ae55d631806d3401ce7bd75f1468bbccacd506
SHA256

c6fd39c1f83f102251c3795aea155568df193e8a9e2bccde398a7caa4cf35cc4
SHA512

5ee73a23fa0f49c6f9546cd6e023d77e63e3f2f117890e104ed48ab84030699cd66d2a404fe402969696fa696b379b3655578ed2de4fcce14feafb78a6e1c1b7
SSDEEP

384:8kMg/bqoymcxtinPvD76UJFr91CnmoWVonPRGlmIxb5Mez:Hqoyptov68Fr90mo4onPg4Ixbaez

Score

10^/10

chaos

Malware Config

Signatures

Chaos Ransomware 1 IoCs

resource	yara_rule
sample	family_chaos

Chaos family
chaos

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-08-22_28298b6df0cae8d9924855f4b8f30887_destroyer_wannacry

Files

2024-08-22_28298b6df0cae8d9924855f4b8f30887_destroyer_wannacry
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

kUxMvFVS
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.????
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ