General
Target: 2_exx_20200220.exe
Size: 212KB
Sample: 200220-z6512tay1j
MD5: 9af53d8ea548837e6c230630bad1fe9a
SHA1: 88f727b694396b5c52cb3b63ad08d1232771a4e2
SHA256: 398941db66c552980d795e0351fd5e795634acb6f5e58d24e0611871c2cc7a3b
SHA512: 256ec0b394fe971a6833f1239b6776f5ead5baf5ac3ca699e1c44f127dba7fcddb85db79cc3c64608163247811ebc8fbf58a67c5661607349d86c497863d504c
Static task: static1
Behavioral task: behavioral1 (Sample: 2_exx_20200220.exe, Resource: win7v200217)
Behavioral task: behavioral2 (Sample: 2_exx_20200220.exe, Resource: win10v200217)
Malware Config
Targets
Target: 2_exx_20200220.exe
Score: 10/10
Dharma
Dharma is ransomware that uses the installation of security software to hide its malicious activity.
Drops startup file
Adds Run entry to start application
Drops file in System32 directory
Modifies service