General
-
Target
541ac782fa300f3cd3f7315770aeb2c3937f107ea565cfb4fe09bcc86e0a0261
-
Size
573KB
-
Sample
220316-zsqsesgea3
-
MD5
7a541f021321604f9ecdaf73a91dc6bf
-
SHA1
9f1ef10662e33a1d4dddb0c46ab7df957a20798a
-
SHA256
541ac782fa300f3cd3f7315770aeb2c3937f107ea565cfb4fe09bcc86e0a0261
-
SHA512
70958fa7cb16404964346c95d8ecdb3672df8a01a303e4bac924626dcd9f5f7a7523616594f3c4b92cd08afc764a32136608ab15cee375b1e74b3afda7e0ea8e
Behavioral task
behavioral1
Sample
541ac782fa300f3cd3f7315770aeb2c3937f107ea565cfb4fe09bcc86e0a0261.exe
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
541ac782fa300f3cd3f7315770aeb2c3937f107ea565cfb4fe09bcc86e0a0261.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
-
-
Target
541ac782fa300f3cd3f7315770aeb2c3937f107ea565cfb4fe09bcc86e0a0261
-
Score
10/10
-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-