General
-
Target
2d54f796864517f52a8672ce374242bbf294e56bda750f62a0690ca3a51e9af4
-
Size
191KB
-
Sample
220330-bm3m2aeab9
-
MD5
87dd5d67467d6896228c4e749ffb8fa3
-
SHA1
72fff32cad026acd5a95ce34e2022098e27ad63c
-
SHA256
2d54f796864517f52a8672ce374242bbf294e56bda750f62a0690ca3a51e9af4
-
SHA512
e193f12be9d142ce944f71817bf483ff5a13eb588cecb0188f6c15ca06edc409d27d4a51bb2452d738fbc37e667acace3249a5072b1f1e919f9b58b931147fd6
Malware Config
Targets
-
-
Target
2d54f796864517f52a8672ce374242bbf294e56bda750f62a0690ca3a51e9af4
-
Size
191KB
-
MD5
87dd5d67467d6896228c4e749ffb8fa3
-
SHA1
72fff32cad026acd5a95ce34e2022098e27ad63c
-
SHA256
2d54f796864517f52a8672ce374242bbf294e56bda750f62a0690ca3a51e9af4
-
SHA512
e193f12be9d142ce944f71817bf483ff5a13eb588cecb0188f6c15ca06edc409d27d4a51bb2452d738fbc37e667acace3249a5072b1f1e919f9b58b931147fd6
Score10/10-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-