General
-
Target
car.png
-
Size
2KB
-
Sample
240914-patfgstcla
-
MD5
e1698e3caafc06f3b00a98eb5909b2ab
-
SHA1
2907a45bf6cf1e392664bccb8c05e1a5724fe01c
-
SHA256
052215bee4c3ccb1c764edc26f6d28d78486868a68ac88844ac98296cf628ac9
-
SHA512
dc3bf1dbc2ebe504cc68896ab7cde52f53282603d630a5354d74731857644d16175fceb0fedf19419153e02c2fcc73f6a51d7188a41cbe6ead5ceae311308125
Static task
static1
Behavioral task
behavioral1
Sample
car.png
Resource
win10v2004-20240910-de
Malware Config
Extracted
C:\Users\Admin\Desktop\read_it.txt
chaos
Targets
Target
car.png
Score 10/10
Chaos Ransomware
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-
Legitimate hosting services abused for malware hosting/C2
-