General
-
Target
ae56c68519963679e6d0a248598f828bf3ba788895c50fab39dffabfadcfb201
-
Size
253KB
-
Sample
220524-z6m9fsccfq
-
MD5
05e54bb1eb258389f3c3625f9c069d4b
-
SHA1
145207c2426ff8f66a02350fc2e35cf966912b0a
-
SHA256
ae56c68519963679e6d0a248598f828bf3ba788895c50fab39dffabfadcfb201
-
SHA512
1868c32abb102447d504895d89d1c7081a7ead0d25136ba2421afdce30a57cf8d243a54e64ab580ab1b8b8a2ee302402561c1d0452ed8fa9b5a8ed1a5f3c4bc6
Malware Config
Targets
-
-
Target
ae56c68519963679e6d0a248598f828bf3ba788895c50fab39dffabfadcfb201
-
Size
253KB
-
MD5
05e54bb1eb258389f3c3625f9c069d4b
-
SHA1
145207c2426ff8f66a02350fc2e35cf966912b0a
-
SHA256
ae56c68519963679e6d0a248598f828bf3ba788895c50fab39dffabfadcfb201
-
SHA512
1868c32abb102447d504895d89d1c7081a7ead0d25136ba2421afdce30a57cf8d243a54e64ab580ab1b8b8a2ee302402561c1d0452ed8fa9b5a8ed1a5f3c4bc6
Score10/10-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-