4e1729be...fdae | Files
VTI SCORE: 100/100
Dynamic Analysis Report
Classification: Ransomware, Wiper, Trojan

Remarks

(0x200001e): The maximum size of extracted files was exceeded. Some files may be missing in the report.

(0x200001d): The maximum number of extracted files was exceeded. Some files may be missing in the report.

Filename Category Type Severity Actions
C:\Users\5p5NrGJn0jS HALPmcxz\Desktop\ohbdap.exe Sample File Binary
Malicious
Also Known As C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ohbdap.exe (Dropped File)
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ohbdap.exe (Dropped File)
C:\Windows\System32\ohbdap.exe (Dropped File)
Mime Type application/vnd.microsoft.portable-executable
File Size 92.50 KB
MD5 9d8ec52d23428089ecb33e5c70c26cf8
SHA1 782ad57dd19d9cf1fec67480bcca1b8445c203fe
SHA256 4e1729be38023e15056914fab40c9ff3e04990c998c5c9711b4376acb919fdae
SSDeep 1536:mBwl+KXpsqN5vlwWYyhY9S4Akg9Sb+N2ZETxn6G4K50plykH6mY5ZN:Qw+asqN5aW/hLH9W+Q6kG4K50Bu
ImpHash f86dec4a80961955a89e7ed62046cc0e
File Reputation Information
Severity
Blacklisted
First Seen 2019-06-11 10:36 (UTC+2)
Last Seen 2019-06-11 18:37 (UTC+2)
Names Win32.Trojan.Crysis
Families Crysis
Classification Trojan
PE Information
Image Base 0x400000
Entry Point 0x40a9d0
Size Of Code 0x9e00
Size Of Initialized Data 0xd400
File Type FileType.executable
Subsystem Subsystem.windows_gui
Machine Type MachineType.i386
Compile Timestamp 2017-03-02 23:49:06+00:00
Sections (3)
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.text 0x401000 0x9c25 0x9e00 0x400 IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ 5.97
.rdata 0x40b000 0x2636 0x2800 0xa200 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 7.79
.data 0x40e000 0xaad5 0xa800 0xca00 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 7.98
Imports (1)
KERNEL32.dll (9)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
GetProcAddress 0x0 0x40b000 0xd508 0xc708 0x245
LoadLibraryA 0x0 0x40b004 0xd50c 0xc70c 0x33c
WaitForSingleObject 0x0 0x40b008 0xd510 0xc710 0x4f9
InitializeCriticalSectionAndSpinCount 0x0 0x40b00c 0xd514 0xc714 0x2e3
LeaveCriticalSection 0x0 0x40b010 0xd518 0xc718 0x339
GetLastError 0x0 0x40b014 0xd51c 0xc71c 0x202
EnterCriticalSection 0x0 0x40b018 0xd520 0xc720 0xee
ReleaseMutex 0x0 0x40b01c 0xd524 0xc724 0x3fa
CloseHandle 0x0 0x40b020 0xd528 0xc728 0x52
Memory Dumps (1)
Name Process ID Start VA End VA Dump Reason PE Rebuilds Bitness Entry Points AV YARA Actions
ohbdap.exe 1 0x00400000 0x00418FFF Relevant Image - 32-bit - True False
Local AV Matches (1)
Threat Name Severity
Trojan.Ransom.Crysis.E
Malicious
C:\Boot\BOOTSTAT.DAT.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 64.25 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\BOOTSECT.BAK.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 8.25 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.07 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.80 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 3.36 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 4.33 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.60 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.99 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.76 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.55 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.03 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 5.97 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.60 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.54 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.04 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\VisioMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 9.51 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\OneNoteMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.81 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0054-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 6.33 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\ProjectMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-00B4-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.07 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\GrooveMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.14 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-00BA-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.65 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\branding.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 582.61 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-00A1-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.18 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfoPathMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.44 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 5.67 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.47 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\OfficeMUISet.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.05 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\pss10r.chm.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 26.79 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\setup.chm.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 65.85 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0115-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 9.37 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\AccessMUI.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.56 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\AccessMUISet.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.05 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.80 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 4.42 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 4.42 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\ProPlusrWW.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 16.70 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-0011-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 30.60 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Office32WW.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 4.42 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0117-0409-1000-0000000FF1CE}-C\Access.en-us\branding.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 582.61 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\PrjProrWW.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 6.51 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-003B-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 16.52 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\Setup.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 20.33 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.EPS.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 14.94 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{91140000-0057-0000-1000-0000000FF1CE}-C\VisiorWW.xml.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 8.76 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.GIF.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.27 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.JPG.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.27 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\GRPHFLT\MS.PNG.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.88 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.56 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\README.HTM.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.13 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\ExcelMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.76 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.80 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\GrooveMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.14 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Excel.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.47 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Groove.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.65 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\InfoPathMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.44 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\InfoPath.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.04 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Access.en-us\AccessMUISet.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.05 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OCT.CHM.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 69.80 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSCONFIG.CHM.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 37.04 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10O.CHM.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 26.54 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\PSS10R.CHM.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 26.79 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 5.67 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 855.24 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\BRANDING.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 582.61 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\OfficeMUISet.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.05 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\Office32MUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.60 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.54 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office32.WW\Office32WW.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 4.42 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 9.37 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Office.en-us\SETUP.CHM.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 65.85 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 860.74 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 865.24 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proofing.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 848.75 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 4.33 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\PowerPointMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PowerPoint.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.07 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PRJPROR\PrjProrWW.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 6.51 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\Office32MUI.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 853.75 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.18 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Project.en-us\ProjectMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Project.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.07 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.en\Proof.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.55 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\OneNote.en-us\OneNoteMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.81 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Outlook.en-us\OutlookMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 3.36 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.fr\Proof.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PRJPROR\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 16.52 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proof.es\Proof.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.66 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\Proofing.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.03 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Proofing.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 5.97 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUSR\ProPlusrWW.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 16.70 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Visio.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 6.33 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Visio.en-us\VisioMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 9.51 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\VISIOR\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 20.33 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\PROPLUSR\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 30.60 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\SETUP.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 2.60 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Word.en-us\WordMUI.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 1.99 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\VISIOR\VisiorWW.XML.id-9C354B42.[paydra@cock.li].html Dropped File Text
Malicious
Mime Type text/html
File Size 8.76 KB
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
YARA Matches (1)
Rule Name Rule Description Classification Severity Actions
DharmaEncryptedFile File encrypted by Dharma Ransomware Ransomware
Malicious
C:\$Recycle.Bin\S-1-5-21-3388679973-3930757225-3770151564-1000\desktop.ini.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 378 bytes
Parser Error Remark Static analyzer was unable to completely parse the analyzed file
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PowerPointMUI.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 3.14 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-0018-0409-1000-0000000FF1CE}-C\PptLR.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 67.85 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelMUI.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 3.14 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-0016-0409-1000-0000000FF1CE}-C\ExcelLR.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 16.94 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PublisherMUI.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 3.15 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-0019-0409-1000-0000000FF1CE}-C\PubLR.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 10.25 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlkLR.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 14.88 MB
Error Remark Could not parse sample file: No HTML root found
C:\Program Files\Common Files\Microsoft Shared\OFFICE14\1033\ADO210.CHM.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 2.35 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordLR.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 42.53 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-001A-0409-1000-0000000FF1CE}-C\OutlookMUI.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 3.48 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-001B-0409-1000-0000000FF1CE}-C\WordMUI.msi.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 3.16 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.en\Proof.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 11.70 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.fr\Proof.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 20.84 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-002C-0409-1000-0000000FF1CE}-C\Proof.es\Proof.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 13.76 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-0044-0409-1000-0000000FF1CE}-C\InfLR.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 18.75 MB
Error Remark Could not parse sample file: No HTML root found
C:\MSOCache\All Users\{90140000-0043-0409-1000-0000000FF1CE}-C\OWOW32LR.cab.id-9C354B42.[paydra@cock.li].html Dropped File Text
Unknown
Mime Type text/html
File Size 3.54 MB
Error Remark Could not parse sample file: No HTML root found