General
Target
5d030decf5d33e780127fc2bdad12829dd62906a27cd4dafb48473d9d881eeee
Size
249KB
Sample
220801-e9t6ysbcap
MD5
bcbda2b6b06e19096393bdecf201b6d3
SHA1
8020f00ac69306910a62815964b52fdb999e2924
SHA256
5d030decf5d33e780127fc2bdad12829dd62906a27cd4dafb48473d9d881eeee
SHA512
0f855ab95ecfd289374f1d2acb9bb59f375bf520d7fb7a6d65b54fa953cdc0a34952a668c644f205810302d7b7b685317aea9fb9a1cb05d02f32383e86ad7dbd
Static task
static1
Behavioral task
behavioral1
Sample
5d030decf5d33e780127fc2bdad12829dd62906a27cd4dafb48473d9d881eeee.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
5d030decf5d33e780127fc2bdad12829dd62906a27cd4dafb48473d9d881eeee.exe
Resource
win10v2004-20220722-en
Malware Config
Extracted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Info.hta
moremo123123@cock.li
Targets
Target
5d030decf5d33e780127fc2bdad12829dd62906a27cd4dafb48473d9d881eeee
Score
10/10
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
Drops startup file
Adds Run key to start application
Drops desktop.ini file(s)
Drops file in System32 directory