Extracted

• • Target

    dmx99.exe

  • Size

    328KB

  • MD5

    41b19130b8a7ad8fe5b12643301772c2

  • SHA1

    d77f20dd52ae752f010a541fb41e693435d7fed1

  • SHA256

    37ccd85431c6ccba425d7c06de22fe00b391847445fe495484c2c68e33daf613

  • SHA512

    a87e696d38f865d15d4875d107462f8e5d84a47af1893d42510af2a39c7363de09b6f1037e883d4bb91a47985b5bf9238b0a2abd83462177b5f2d3360be1421b

  Score

  10^/10

  dharmapersistenceransomwarespyware

  • Dharma

    Dharma is a ransomware that uses security software installation to hide malicious activities.

    ransomwaredharma

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spyware

  • Adds Run key to start application

    persistence

  • Drops desktop.ini file(s)

  • Drops file in System32 directory

  • Modifies service

    persistence
  behavioral1behavioral2