General
Target: whoisthisugly's RAT set.rar
Size: 187.1MB
Sample: 250315-z4rh4atvcz
MD5: c69fc756e1e907f9f5fb9fdf941d72ca
SHA1: f8ca9861130e99f627342b252153f08ce04e134b
SHA256: c866056155f15ef43598ffdfc6d0bc5dd8f2f13b6c07f489c29feb9dbf6287b7
SHA512: 2bc0bf3238b5e6dfdf85a717f27af428decc358b0125416e1681bd3b34e507665f23571578c6389733752a12d61cb96ad420a026a7a8a37924330f54ab711050
SSDEEP: 3145728:lUGO4i23z+ikexr5TwvjrBZWGmc7gbFtTmrAQeLKc39BYKmtQPPNtuKK1HYL56yV:lUN4i2D7kA+fKVRbFtkAb+c9BYKQut7j
Static task: static1
Behavioral task: behavioral1
Sample: whoisthisugly's RAT set.rar
Resource: win11-20250313-en
Malware Config
Targets
Target: whoisthisugly's RAT set.rar
Score: 10/10
Chaos Ransomware
Chaos family
Executes dropped EXE
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.