General
-
Target
820560a7e2c2bf9def3fb1e24fe5b8c224cfe7da60da6933210102bb7e37b77c
-
Size
367KB
-
Sample
220508-h931mseabj
-
MD5
ddeb1c9c0aba9cd5b40e5490199e01b0
-
SHA1
b4b84473f07825432da0e80d73508433c6a1eacb
-
SHA256
820560a7e2c2bf9def3fb1e24fe5b8c224cfe7da60da6933210102bb7e37b77c
-
SHA512
a99c8ab5d9c4c4b159a49bf63951be5da0ce1e9045238107df9c3ca1f21a89444837fe89218ef0f67ef3158f3733b65a6562602737388d8e9191786b380f9231
Malware Config
Targets
-
-
Target
820560a7e2c2bf9def3fb1e24fe5b8c224cfe7da60da6933210102bb7e37b77c
-
Size
367KB
-
MD5
ddeb1c9c0aba9cd5b40e5490199e01b0
-
SHA1
b4b84473f07825432da0e80d73508433c6a1eacb
-
SHA256
820560a7e2c2bf9def3fb1e24fe5b8c224cfe7da60da6933210102bb7e37b77c
-
SHA512
a99c8ab5d9c4c4b159a49bf63951be5da0ce1e9045238107df9c3ca1f21a89444837fe89218ef0f67ef3158f3733b65a6562602737388d8e9191786b380f9231
Score10/10-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-