General
-
Target
2025-06-04_5011e199dbaa732036937db7d1edaf65_chaos_destroyer_elex_wannacry
-
Size
27KB
-
Sample
250604-z49dxadl5w
-
MD5
5011e199dbaa732036937db7d1edaf65
-
SHA1
f6a6bf09016e688baf1793ee8ef7c59554acb611
-
SHA256
4102bb1d2ba317af2b89a11cddbabeaa167c143a290817cde42834a8141d6054
-
SHA512
6cec048b61b87ab40a5e2dd4d73704ceed38522c82d50bce3d096f3ed9da04d8f92e1ccd9efcd809cc29fb2f5725157b2f18e06e9853da01c7dfa7ad43bcc590
-
SSDEEP
384:IYesj+xGF8rPOaeGT9c71TGYKg96pOVp91z6Ib5z5xDSB:VCr5eO9Dpc9d6Ibp5xDu
Behavioral task
behavioral1
Sample
2025-06-04_5011e199dbaa732036937db7d1edaf65_chaos_destroyer_elex_wannacry.exe
Resource
win10v2004-20250502-en
Malware Config
Extracted
C:\Users\Admin\read_it.txt
chaos
Targets
-
-
Target
2025-06-04_5011e199dbaa732036937db7d1edaf65_chaos_destroyer_elex_wannacry
-
Size
27KB
-
MD5
5011e199dbaa732036937db7d1edaf65
-
SHA1
f6a6bf09016e688baf1793ee8ef7c59554acb611
-
SHA256
4102bb1d2ba317af2b89a11cddbabeaa167c143a290817cde42834a8141d6054
-
SHA512
6cec048b61b87ab40a5e2dd4d73704ceed38522c82d50bce3d096f3ed9da04d8f92e1ccd9efcd809cc29fb2f5725157b2f18e06e9853da01c7dfa7ad43bcc590
-
SSDEEP
384:IYesj+xGF8rPOaeGT9c71TGYKg96pOVp91z6Ib5z5xDSB:VCr5eO9Dpc9d6Ibp5xDu
Score10/10-
Chaos Ransomware
-
Chaos family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Executes dropped EXE
-
Drops desktop.ini file(s)
-