Chaos Ransomware Builder V4 - Cleaned by ObbedCode

[ObbedCode]

To clean the file we have to rename a .DLL to .EXE and modify some sus IL Code.

Removed the Original .exe that is just a virus

 

Note I cleaned the File, You Can analyze the file for yourself in DnSpy

Still Run everything in a Controlled Environment. My version is the Fully Cleaned Version.

 

 Even has the Decryptor in the same Folder

  

Person Spreading Malware:

Spoiler

 

Original Report:

 

Spoiler

 

Please Login or Register to see this Hidden Content

Please Login or Register to see this Hidden Content

 

 

===================================================================

DOWNLOAD

===================================================================

Password: Chaos46366

Upload.ee

Hidden Content
You'll be able to see the hidden content once you reply to this topic or

Please Login or Register to see this Hidden Content

.

 

Anonfile

Hidden Content
You'll be able to see the hidden content once you reply to this topic or

Please Login or Register to see this Hidden Content

.

 

Zippyshare

Hidden Content
You'll be able to see the hidden content once you reply to this topic or

Please Login or Register to see this Hidden Content

.

 

Mirror Ace

Hidden Content
You'll be able to see the hidden content once you reply to this topic or

Please Login or Register to see this Hidden Content

.

 

===================================================================

SCREENSHOTS

===================================================================

 

Spoiler

 

Original Analysis:

(Still always run EVERYTHING in Sandbox / Virtual Machine)

 

Stub SRC:

Please Login or Register to see this Hidden Content

 

VT:

Please Login or Register to see this Hidden Content

HB:

Please Login or Register to see this Hidden Content

 

Please Login or Register to see this Hidden Content

Edited by ObbedCode, 28 November 2022 - 06:09 AM.

[Cat]

Good work as always

[ShockQ]

HQ LEAK as always!

[krizen]

you never dissapoint! thank you

[xcxcxcxpuss]

thanks man, mad appreciated

[bumlazasta]

Great work as always!

[Herrengels2]

ty

[zelus]

I will be taking this for myself

[recruitm]

thanks so much bro

[sandyeee]

hi best upload you