Extracted

Extracted

• • Target

    553f674770840d592fd718f1cb8eed6d4210c7ce73944fb2d200e8588584fccb

  • Size

    92KB

  • MD5

    40d778624057e93cb98a8ff89d74baeb

  • SHA1

    c5ed829367c08aa36597e77c20f1ae1b8020f0e2

  • SHA256

    553f674770840d592fd718f1cb8eed6d4210c7ce73944fb2d200e8588584fccb

  • SHA512

    b9479c0e7d51d2276051eb3f6a58cddca906df7f9edd9405e063be5dac9f91de421508ad53517b71a8ee0820267700d706970dfd0031a49d8dd0b6933a08e469

  Score

  10^/10

  ransomwarepersistencedharmaspyware

  • Dharma

    Dharma is a ransomware that uses security software installation to hide malicious activities.

    ransomwaredharma

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Adds Run key to start application

    persistence

  • Drops desktop.ini file(s)

  • Drops file in System32 directory

  • Modifies service

    persistence
  behavioral1behavioral2