Extracted

• • Target

    253b606a1df715d763023be86ba061e79b17202a4f6c3387b66905f7661210cc

  • Size

    92KB

  • MD5

    087b89e9762a8f81d254bfdb879f1f93

  • SHA1

    77071fbe5f6ed22c388baf10dd957cd6cb5ac223

  • SHA256

    253b606a1df715d763023be86ba061e79b17202a4f6c3387b66905f7661210cc

  • SHA512

    7d004aad73a24024846be1e063f2fd6a4b8404470fcd0c28b5b07dcf8fc4a642a56c3467be3f67d370c1ccce6fdaad7ed3e93659ed0ee0fe7bf3a6eb29e7b133

  Score

  10^/10

  dharmapersistenceransomwarespywarestealer

  • Dharma

    Dharma is a ransomware that uses security software installation to hide malicious activities.

    ransomwaredharma

  • Deletes shadow copies

    Ransomware often targets backup files to inhibit system recovery.

    ransomware

  • Modifies extensions of user files

    Ransomware generally changes the extension on encrypted files.

    ransomware

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Adds Run key to start application

    persistence

  • Drops desktop.ini file(s)

  • Drops file in System32 directory

  behavioral1behavioral2