General

  • Target

    2024-11-05_5c73304153220629dfdcf2819f49cedb_destroyer_wannacry

  • Size

    17KB

  • Sample

    241105-b84r8asepr

  • MD5

    5c73304153220629dfdcf2819f49cedb

  • SHA1

    2263b3ce767639e84862138d175007b0fa904804

  • SHA256

    6a3f58eb6b785786c96efe6918b8655dfb5676e85f21df0f75f7bf318fc8b11d

  • SHA512

    7eb22638ead1dd2f699d3451f02dfd4b19d37e96d80d612d7979c2d35802ccf7fcf53ad15e026b89605274ed6d90837095304fcace3ce119820ca6646bf556f3

  • SSDEEP

    192:h4M3MgSZWHWUHKnaV1dGOqnovuDBsphYr4codRnjcP8HgSoes/91C1m+HS3E1qEW:hl3Mg/bqo29spiZobPJor91CyLe6

Targets

    • Target

      2024-11-05_5c73304153220629dfdcf2819f49cedb_destroyer_wannacry

    • Chaos

      Ransomware family first seen in June 2021.

    • Chaos Ransomware

    • Chaos family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
