Overview

overview

10

Static

static

46082f6025...63.exe

windows7_x64

10

46082f6025...63.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46082f602558d2588eb9d2ab4da3efe5d5e0a7c7ef3a4812daa9b60d35fa5e63

  • Size

    92KB

  • Sample

    220524-w7glhsdcf9

  • MD5

    d24095730dd6d35e3a62ae5d3671ff2f

  • SHA1

    f47569e6d5617571c012b658ba407fb08bd7cb91

  • SHA256

    46082f602558d2588eb9d2ab4da3efe5d5e0a7c7ef3a4812daa9b60d35fa5e63

  • SHA512

    5e2398270cd20fe2b144c2349d0dc06f358d5cbcf391054106b2255df6e3687d94a3298818da5c46dcf415be5c6cfe0ef814a2d9cc1b597b64501e822bcce299

Score
10/10
dharmapersistenceransomwarespywarestealer

Malware Config

Targets

    • Target

      46082f602558d2588eb9d2ab4da3efe5d5e0a7c7ef3a4812daa9b60d35fa5e63

    • Size

      92KB

    • MD5

      d24095730dd6d35e3a62ae5d3671ff2f

    • SHA1

      f47569e6d5617571c012b658ba407fb08bd7cb91

    • SHA256

      46082f602558d2588eb9d2ab4da3efe5d5e0a7c7ef3a4812daa9b60d35fa5e63

    • SHA512

      5e2398270cd20fe2b144c2349d0dc06f358d5cbcf391054106b2255df6e3687d94a3298818da5c46dcf415be5c6cfe0ef814a2d9cc1b597b64501e822bcce299

    Score
    10/10
    dharmapersistenceransomwarespywarestealer

    • Dharma

      Dharma is a ransomware that uses security software installation to hide malicious activities.

      ransomwaredharma

    • Deletes shadow copies

      Ransomware often targets backup files to inhibit system recovery.

      ransomware

    • Drops startup file

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks