General
Target: 882e6507516a3546154ac27a57dff2ca544b7b1f97eeeff35a121a8b4a14b996.exe
Size: 92KB
Sample: 210424-dkqt472tfn
MD5: b53c901068b57dcc17d4186de1b44a5c
SHA1: ea29aa1d883b4a1c45f8b4f657bc7914776423e6
SHA256: 882e6507516a3546154ac27a57dff2ca544b7b1f97eeeff35a121a8b4a14b996
SHA512: 94635d518eca90ceb448b1cfabc7c1685786b4b731d4ec12913d415eac92285281a5a0b568938ecd41d1ec73199bf7c3344e1adc97e88212379f72649650c81c
Static task: static1

Behavioral task: behavioral1
Sample: 882e6507516a3546154ac27a57dff2ca544b7b1f97eeeff35a121a8b4a14b996.exe
Resource: win7v20210410

Behavioral task: behavioral2
Sample: 882e6507516a3546154ac27a57dff2ca544b7b1f97eeeff35a121a8b4a14b996.exe
Resource: win10v20210410
Malware Config
Extracted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta
hpjar@keemail.me
hpjar@protonmail.ch
Targets
Target
882e6507516a3546154ac27a57dff2ca544b7b1f97eeeff35a121a8b4a14b996.exe
Score: 10/10

Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.

Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.

Drops startup file

Adds Run key to start application

Drops desktop.ini file(s)

Drops file in System32 directory