General
-
Target
0aaad9fd6d9de6a189e89709e052f06b
-
Size
92KB
-
Sample
200618-rqjvwjf4je
-
MD5
0aaad9fd6d9de6a189e89709e052f06b
-
SHA1
1a41edb2e59bc56ddb7a8206ac250812452421c5
-
SHA256
4b8271802c7cfec3b5258b581f4cb871edcc0c7bfb3bb7621707bdca094049a0
-
SHA512
fdf293692e7a8cb1aad85c383b7f1d050da20351ce5800889238208991420ef2c9e8797b2cd90e33b1e88288e29cf7578cebfb9ee7593c73699ea67327b83336
Static task
static1
Behavioral task
behavioral1
Sample
0aaad9fd6d9de6a189e89709e052f06b.exe
Resource
win7
Behavioral task
behavioral2
Sample
0aaad9fd6d9de6a189e89709e052f06b.exe
Resource
win10v200430
Malware Config
Extracted
C:\Users\Admin\Desktop\FILES ENCRYPTED.txt
Targets
-
-
Target
0aaad9fd6d9de6a189e89709e052f06b
-
Size
92KB
-
MD5
0aaad9fd6d9de6a189e89709e052f06b
-
SHA1
1a41edb2e59bc56ddb7a8206ac250812452421c5
-
SHA256
4b8271802c7cfec3b5258b581f4cb871edcc0c7bfb3bb7621707bdca094049a0
-
SHA512
fdf293692e7a8cb1aad85c383b7f1d050da20351ce5800889238208991420ef2c9e8797b2cd90e33b1e88288e29cf7578cebfb9ee7593c73699ea67327b83336
Score10/10-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run entry to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-
Modifies service
-