General
Target: 4bf86347bfc2a4afd27b058828613f5bce1a09d369ab8b650b4f71534a7d75f0
Size: 757KB
Sample: 220712-j2sqdaccb4
MD5: 6c7215b113d0d0fad9835cb98113bc1f
SHA1: ed921a96f3360f5b1fe67b957818b67a5cbaff62
SHA256: 4bf86347bfc2a4afd27b058828613f5bce1a09d369ab8b650b4f71534a7d75f0
SHA512: 2e2f1f090365c54085136fdc6e844f6b81249cf2b3505e25fa711a689e567e8eec6f5e60cf95875623cc175b88b49d62cc17019cb53246e10ea2f5702d54e787
Static task: static1
Behavioral task: behavioral1
Sample: 4bf86347bfc2a4afd27b058828613f5bce1a09d369ab8b650b4f71534a7d75f0.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 4bf86347bfc2a4afd27b058828613f5bce1a09d369ab8b650b4f71534a7d75f0.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 4bf86347bfc2a4afd27b058828613f5bce1a09d369ab8b650b4f71534a7d75f0
Score: 10/10
Dharma
Dharma is ransomware that uses security software installation to hide malicious activities.
Drops startup file
Adds Run key to start application
Drops desktop.ini file(s)
Drops file in System32 directory
Suspicious use of SetThreadContext