General
-
Target
fc5e278e8b7c1213d0275e4995a5e75755da21118d8b3693da20770454851cd9
-
Size
313KB
-
Sample
220427-wlyynsbhdr
-
MD5
bac67b46e45cc465fc563f39bbbfff21
-
SHA1
a9f06fe45514088ec97da9bf3a94e1358c428ed7
-
SHA256
fc5e278e8b7c1213d0275e4995a5e75755da21118d8b3693da20770454851cd9
-
SHA512
83e0859e33e07bc1ad5a52ea3ea4161eada633fa089a6ae95656bc820bf73c77b08aef0f03af8c279dafe42081327f982d727bfe398f1346ca7e3a0d2b81e305
Malware Config
Targets
-
-
Target
fc5e278e8b7c1213d0275e4995a5e75755da21118d8b3693da20770454851cd9
-
Size
313KB
-
MD5
bac67b46e45cc465fc563f39bbbfff21
-
SHA1
a9f06fe45514088ec97da9bf3a94e1358c428ed7
-
SHA256
fc5e278e8b7c1213d0275e4995a5e75755da21118d8b3693da20770454851cd9
-
SHA512
83e0859e33e07bc1ad5a52ea3ea4161eada633fa089a6ae95656bc820bf73c77b08aef0f03af8c279dafe42081327f982d727bfe398f1346ca7e3a0d2b81e305
Score10/10-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-