General
-
Target
8ebdfdb497f4cf24f3512199c08ba63bdbe4f39d6486bd9a3424e9de338bbf9b
-
Size
92KB
-
Sample
221014-gdrgasacf2
-
MD5
00f31b8830bd46c9346021064f9c6f86
-
SHA1
9b551541ffc86560b9e6af1579acc2a62ad0bfc0
-
SHA256
8ebdfdb497f4cf24f3512199c08ba63bdbe4f39d6486bd9a3424e9de338bbf9b
-
SHA512
0a2fa1e7e5a1ba290e1aab2d1d1d0d8d6548a5edd9611ae37aa796d0553fe859a70ca35e11f0e15a530cf183013758de2435889f60d93289a9463823166bd3b1
-
SSDEEP
1536:dBwl+KXpsqN5vlwWYyhY9S4AquHHE1ef4BtydBESCU6ZRUBrIXCRm+vAx:3w+asqN5aW/hLRHka0ydBESkH9XUmiAx
Malware Config
Targets
-
-
Target
92c65e95b508ffacd2d7a36957599eb2d930a0d1a8b76a5c4551ee6e9d4da67e.exe
-
Size
92KB
-
MD5
8ce606be5e21897d0c2c27c9cc403d37
-
SHA1
35282d2247a0ab9840aa4e709faf4c1766c329cd
-
SHA256
92c65e95b508ffacd2d7a36957599eb2d930a0d1a8b76a5c4551ee6e9d4da67e
-
SHA512
1fec16d69e41833cefe39ee4976f4da1946d18d24ff5e2a0bc86d1b897ac78f38668fe7702997ef84f8f30c5a8d2fad847b1f66e86ee9fda7e13ed53d1cec51b
-
SSDEEP
1536:mBwl+KXpsqN5vlwWYyhY9S4AquHHE1ef4BtydBESCU6ZRUBrIXCRm+vA:Qw+asqN5aW/hLRHka0ydBESkH9XUmiA
Score10/10-
Dharma
Dharma is a ransomware that uses security software installation to hide malicious activities.
-
Deletes shadow copies
Ransomware often targets backup files to inhibit system recovery.
-
Drops startup file
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-