General
-
Target
478052e8d42187e9c1d0bc38d13e140d7e92d9ab59874c44bc83e3a9ec13a631
-
Size
173KB
-
Sample
210518-ba6m63lh8x
-
MD5
0e3628ff2cfc0b5b457e14acc55e7fa6
-
SHA1
324e18c7c8776c1c9d8ec054182d98b8c8c0021e
-
SHA256
478052e8d42187e9c1d0bc38d13e140d7e92d9ab59874c44bc83e3a9ec13a631
-
SHA512
7959504f076ce488559f0af15b7f4514ac25e8fcdee428870c8fbb7e3fb2ceebc042ae3668adbd14fd3204e65c61cb2298056cd43a59a8b4ac6a01070c920136
Static task
static1
Behavioral task
behavioral1
Sample
478052e8d42187e9c1d0bc38d13e140d7e92d9ab59874c44bc83e3a9ec13a631.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
478052e8d42187e9c1d0bc38d13e140d7e92d9ab59874c44bc83e3a9ec13a631.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
478052e8d42187e9c1d0bc38d13e140d7e92d9ab59874c44bc83e3a9ec13a631
-
Score
10/10
-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Modifies system executable filetype association
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-