Extracted

• • Target

    d33b4a734e1a81717523dfb34633b418193cef7e6b245fe06aab5cbbac12c4d8

  • Size

    158KB

  • MD5

    da244fb90a94978834bef6e734046a8c

  • SHA1

    acf3d82f4eb9c2d85c619ebe746cdf509507f6b7

  • SHA256

    d33b4a734e1a81717523dfb34633b418193cef7e6b245fe06aab5cbbac12c4d8

  • SHA512

    0a97a5aaee04e661b6b059ecf4044608feccedecd838a87b16f3f8c4eb5725e2ba65cfd706db88e5360f8c5504fd6720010f41518dfc444add8b062c1242d456

  Score

  10^/10

  dharmapersistenceransomwarespywarestealer

  • Dharma

    Dharma is a ransomware that uses security software installation to hide malicious activities.

    ransomwaredharma

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Drops desktop.ini file(s)

  • Drops file in System32 directory

  behavioral1behavioral2