General
Target: 425e4f08a31dc3c68a1a3a2518322531a4b9043ce66a683184d4d0b6e0ae6913
Size: 867KB
Sample: 220708-c89h5sebgj
MD5: 611951ee8ab1f66bace29d81d40fdeb3
SHA1: 7769f65c969bcc8f6e677b42fcbd9d8516117437
SHA256: 425e4f08a31dc3c68a1a3a2518322531a4b9043ce66a683184d4d0b6e0ae6913
SHA512: a62c7b2b44084bc284ae5b57e27b2ef9375832871dcfb6863a78ebfb4a474457c5693a94566e2b37fab8e91f757a868a9615e6f09c15762934726c840d36113e
Static task: static1
Behavioral task: behavioral1
Sample: 425e4f08a31dc3c68a1a3a2518322531a4b9043ce66a683184d4d0b6e0ae6913.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 425e4f08a31dc3c68a1a3a2518322531a4b9043ce66a683184d4d0b6e0ae6913.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Score: 10/10
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
- Drops startup file
- Adds Run key to start application
- Drops desktop.ini file(s)
- Drops file in System32 directory
- Suspicious use of SetThreadContext