Extracted

Extracted

• • Target

    90c54543aaf085e00879d4fe98a6dfb8148548f374828d50b6e3ac44668138b2

  • Size

    92KB

  • MD5

    37c1ee5708d1f5e45cea516059fd12f8

  • SHA1

    d9102824ed07a4c29bd364fd0f4e08df1f5dc1d9

  • SHA256

    90c54543aaf085e00879d4fe98a6dfb8148548f374828d50b6e3ac44668138b2

  • SHA512

    4bc1e5cfb0e74bc6c4a3a29c343665f55667582ade43cc6137ee2307559b806a498b7379823ee0a4d861cd841ced3fda60eaaf7ffacf96129eb0d6727d39285e

  Score

  10^/10

  ransomwaredharmapersistencespyware

  • Dharma

    Dharma is a ransomware that uses security software installation to hide malicious activities.

    ransomwaredharma

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Adds Run key to start application

    persistence

  • Drops desktop.ini file(s)

  • Drops file in System32 directory

  • Modifies service

    persistence
  behavioral1behavioral2