General
Target
a0ce2a605706591bbbdeee345fcde145e88ea0172143068ae78f949d37d258e8
Size
933KB
Sample
220523-z67m4aghe6
MD5
c37771bc5eaf316cde7f35d4afecb7cd
SHA1
75c4fbcd9bfe15b5fff56c9a2e5a0c8bba2a00e5
SHA256
a0ce2a605706591bbbdeee345fcde145e88ea0172143068ae78f949d37d258e8
SHA512
95fdbd9e497f237234d1dfff6f14ac1283ddc2a44a4c684820e6057eab0fddfa24ccf13c2a0811b527d285ad8101d7b02f5a43b30e4a4c7c68c5a7ce0dd32156
Static task
static1
Behavioral task
behavioral1
Sample
a0ce2a605706591bbbdeee345fcde145e88ea0172143068ae78f949d37d258e8.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
a0ce2a605706591bbbdeee345fcde145e88ea0172143068ae78f949d37d258e8.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta
admin@sectex.net
admin@sectex.world
Targets
Target
a0ce2a605706591bbbdeee345fcde145e88ea0172143068ae78f949d37d258e8
Score
10/10
Dharma
Dharma is ransomware that uses security software installation to hide malicious activities.
Drops startup file
Adds Run key to start application
Drops desktop.ini file(s)
Drops file in System32 directory
Suspicious use of SetThreadContext