chimera | 83875ea85b183c609c5ddcd92afe62265745192a417b80524f12741fc028aca0 | Triage

Submit
Reports

Overview

overview

Static

static

3

Computer Raper.exe

windows10-2004-x64

Resubmissions

03-05-2024 16:55

240503-vffz8sec77 10

15-04-2024 14:29

240415-rtx9wsgf63 10

10-04-2024 15:57

240410-td2cqadc92 10

Sharing

General

Target

Computer Raper.exe
Size

85.4MB
Sample

240415-rtx9wsgf63
MD5

bdb24ed9f869fcd462b316148514fc5b
SHA1

83935122b626378a3149e9036cd751514add4b52
SHA256

83875ea85b183c609c5ddcd92afe62265745192a417b80524f12741fc028aca0
SHA512

12fdb77a75debeacbc4b98cac45d09a7bcc378bd9bd51bbc035838b99c1d595660d5c0961a2d041b2e8359f3b5b096f589d39453ada9874436411b94b8b0d611
SSDEEP

1572864:NUkskQ1oOZrCqix58TkbajhXBFEQT9VotzcJ97:N/NQbCbmXXEUvoM97

Score

10^/10

chimera mimikatz evasion ransomware upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Computer Raper.exe

Resource

win10v2004-20240412-en

chimera mimikatz evasion ransomware upx

windows10-2004-x64

12 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Computer Raper.exe
- Size
  
  85.4MB
- MD5
  
  bdb24ed9f869fcd462b316148514fc5b
- SHA1
  
  83935122b626378a3149e9036cd751514add4b52
- SHA256
  
  83875ea85b183c609c5ddcd92afe62265745192a417b80524f12741fc028aca0
- SHA512
  
  12fdb77a75debeacbc4b98cac45d09a7bcc378bd9bd51bbc035838b99c1d595660d5c0961a2d041b2e8359f3b5b096f589d39453ada9874436411b94b8b0d611
- SSDEEP
  
  1572864:NUkskQ1oOZrCqix58TkbajhXBFEQT9VotzcJ97:N/NQbCbmXXEUvoM97
Score

10^/10

chimera mimikatz evasion ransomware upx
- Chimera
  Ransomware which infects local and network files, often distributed via Dropbox links.
  ransomware chimera
- Chimera Ransomware Loader DLL
  Drops/unpacks executable file which resembles Chimera's Loader.dll.
  ransomware
- Mimikatz
  mimikatz is an open source tool to dump credentials on Windows.
  mimikatz
- mimikatz is an open source tool to dump credentials on Windows
- Modifies Windows Firewall
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Create or Modify System Process

Windows Service

Scheduled Task/Job

Privilege Escalation

Create or Modify System Process

Windows Service

Scheduled Task/Job

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

chimeramimikatzevasionransomwareupx

© 2018-2024

Terms | Privacy