General
-
Target
d35ed5f0fb9669c103d47f70ad00aee318030952bb0c5af88da9680ad40c4967
-
Size
346KB
-
Sample
221023-asgr3sffcn
-
MD5
1ddc755d08a1817dd500b4135acb530b
-
SHA1
fde8d8506e6c121e4a7c7944f6369e608f77aa08
-
SHA256
d35ed5f0fb9669c103d47f70ad00aee318030952bb0c5af88da9680ad40c4967
-
SHA512
7de5811fecd7629a3f738afe704763185dab2c4afe19da40121748debe3f87db25d07287fb081d83bbbc6b98e1a2c3f8ee9006b507c148abf4bd4f667a56470a
-
SSDEEP
6144:YrhM4eG+kPsgzC4eS2h4ayNWLSrcs6rGAiN7h:YUhk0g5eS7ASL6rQv
Static task
static1
Behavioral task
behavioral1
Sample
d35ed5f0fb9669c103d47f70ad00aee318030952bb0c5af88da9680ad40c4967.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d35ed5f0fb9669c103d47f70ad00aee318030952bb0c5af88da9680ad40c4967.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
Target
d35ed5f0fb9669c103d47f70ad00aee318030952bb0c5af88da9680ad40c4967
-
Score
10/10
-
Dharma
Dharma is ransomware that uses security software installation to hide malicious activities.
-
Drops startup file
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-