General
-
Target
add93ff66529e153263c05c8a01ea9b433788b861a2a5eb3def7bd538eb143e0
-
Size
341KB
-
Sample
220325-hndtmaffdl
-
MD5
d991b38f6102454e3148d402ddde6497
-
SHA1
a316dfc04d167b003c61d21e577ba79324138c19
-
SHA256
add93ff66529e153263c05c8a01ea9b433788b861a2a5eb3def7bd538eb143e0
-
SHA512
baa8d57919f8ef7eaf26f00dc1ce0acf13fc55ab6750488e2dfbcd59e89dd5b0b63582f9ff5e06a14226f5e753cf84af7d4f87cac768204ddae03626877bb9b2
Static task
static1
Behavioral task
behavioral1
Sample
add93ff66529e153263c05c8a01ea9b433788b861a2a5eb3def7bd538eb143e0.exe
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
add93ff66529e153263c05c8a01ea9b433788b861a2a5eb3def7bd538eb143e0.exe
Resource
win10v2004-20220310-en
Malware Config
Targets
-
Target
add93ff66529e153263c05c8a01ea9b433788b861a2a5eb3def7bd538eb143e0
Score
10/10
-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Drops startup file
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-