Extracted

• • Target

    bcd2682a5e842d67f198b6d59b2591c8eb4390a85b949dd745dab5a1bc9a96b3

  • Size

    269KB

  • MD5

    c54a53612414dcedead971bf88f16d2d

  • SHA1

    addc96bd67738c7228eaa71ba6740ad0579936f3

  • SHA256

    bcd2682a5e842d67f198b6d59b2591c8eb4390a85b949dd745dab5a1bc9a96b3

  • SHA512

    b981b873af5acb266b1d6da3d6fee46ce3a243100ad64d16e19a0768d8bc92f6f6efc4644cc3fb06605ac1dd5f6eaa10541e2d9efee9f4ab329db8c976728311

  Score

  10^/10

  dharmapersistenceransomwarespywarestealer

  • Dharma

    Dharma is a ransomware that uses security software installation to hide malicious activities.

    ransomwaredharma

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Drops desktop.ini file(s)

  • Drops file in System32 directory

  behavioral1behavioral2