General
-
Target
e0ba6d5159e2b2670a938af70100717a5858ed48e66451e4374b133bc0ce84bc
-
Size
137KB
-
Sample
220427-whpwlaffd4
-
MD5
1588b9699197251449436d8bffd43f02
-
SHA1
2f88dc09a8a2f237909417684ec428e296812ce4
-
SHA256
e0ba6d5159e2b2670a938af70100717a5858ed48e66451e4374b133bc0ce84bc
-
SHA512
e9b5c911866b15cd55a9f80fcae2af3faa7a732fc0317c7592b3337350dd428b45163f56969c78db82a800a07b3e84f0d01b6d38d413af47210b282203dba02a
Malware Config
Targets
-
-
Target
e0ba6d5159e2b2670a938af70100717a5858ed48e66451e4374b133bc0ce84bc
-
Size
137KB
-
MD5
1588b9699197251449436d8bffd43f02
-
SHA1
2f88dc09a8a2f237909417684ec428e296812ce4
-
SHA256
e0ba6d5159e2b2670a938af70100717a5858ed48e66451e4374b133bc0ce84bc
-
SHA512
e9b5c911866b15cd55a9f80fcae2af3faa7a732fc0317c7592b3337350dd428b45163f56969c78db82a800a07b3e84f0d01b6d38d413af47210b282203dba02a
Score10/10-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-