Behavioral task
behavioral1
Sample
Serverice.Host.local.exe
Resource
win11-20250314-en
General
-
Target
Serverice.Host.local.exe
-
Size
182KB
-
MD5
d206dd07a32132a06af8fe1d0f3eec55
-
SHA1
ac3c7dc216a9351905379f612bbe132906020384
-
SHA256
1e10c6e0e448b51d612f5363b5b4edd2d52d3862287388e5172fdf0d3736dc0e
-
SHA512
dbbfb14cdf7bc9fc02f210112be10bc9c410d2c8b9e48545313e39004fcab09c273cbe0d0e94a947483f760ca3e8c3824272973e14cec63a43a60f6336bf36ee
-
SSDEEP
3072:2oLIVr9G3hCJxtY4sdP6VZn6ZCHGIQZT7TMPD6HCq4X:or9khCJLYiZnCCUZXTMbBq4
Malware Config
Signatures
-
Chaos Ransomware 1 IoCs
resource yara_rule sample family_chaos -
Chaos family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Serverice.Host.local.exe
Files
-
Serverice.Host.local.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 180KB - Virtual size: 179KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ