Remarks
This is a filtered view
This list contains only the embedded files, downloaded files, and dropped files
There are no files for this filter
There are no files in this analysis
|
Filename
|
Category
|
Type
|
Severity
|
Actions
|
|
Also Known As
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MicosoftSearch.exe (Dropped File)
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MicosoftSearch.exe (Dropped File)
C:\Windows\System32\MicosoftSearch.exe (Dropped File)
|
|
Mime Type
|
application/vnd.microsoft.portable-executable
|
|
File Size
|
377.00 KB
|
|
MD5
|
d1487253cee49b68aebae1481e34f8fd
|
|
SHA1
|
6e068c1f4078e3764229dbf6e6ba3412136e7304
|
|
SHA256
|
ac4a4747011aa436dda454c1cc59e5002d63847bdb67836589cd756f09c39f79
|
|
SSDeep
|
6144:D4bb3UegtamZ87yJwLhoVK9fwlb9Zx/A:D4bbM787yytoVkwZx/A
|
|
ImpHash
|
2e2255c9f845165ea64424441c1e8dfc
|
|
Parser Error Remark
|
Static analyzer was unable to completely parse the analyzed file
|
|
Severity
|
|
|
First Seen
|
2019-07-06 14:28 (UTC+2)
|
|
Last Seen
|
2019-07-08 00:57 (UTC+2)
|
|
Names
|
Win32.Trojan.Kryptik
|
|
Families
|
Kryptik
|
|
Classification
|
Trojan
|
|
Image Base
|
0x400000
|
|
Entry Point
|
0x424e1d
|
|
Size Of Code
|
0x44c00
|
|
Size Of Initialized Data
|
0x4f1600
|
|
File Type
|
FileType.executable
|
|
Subsystem
|
Subsystem.windows_gui
|
|
Machine Type
|
MachineType.i386
|
|
Compile Timestamp
|
2017-11-21 10:15:57+00:00
|
|
Name
|
Virtual Address
|
Virtual Size
|
Raw Data Size
|
Raw Data Offset
|
Flags
|
Entropy
|
|
.text
|
0x401000
|
0x44b3a
|
0x44c00
|
0x400
|
IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
|
6.06
|
|
.rdata
|
0x446000
|
0x5e5b
|
0x6000
|
0x45000
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
|
3.62
|
|
.data
|
0x44c000
|
0x4dc2a8
|
0x4200
|
0x4b000
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
|
1.2
|
|
.idata
|
0x929000
|
0x1cd0
|
0x1200
|
0x4f200
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
|
3.59
|
|
.rsrc
|
0x92b000
|
0x8afc
|
0x8c00
|
0x50400
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
|
5.31
|
|
.reloc
|
0x934000
|
0x5363
|
0x5400
|
0x59000
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
|
2.77
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
ExitProcess
|
0x0
|
0x9292d8
|
0x5290b8
|
0x4f2b8
|
0x104
|
|
LocalAlloc
|
0x0
|
0x9292dc
|
0x5290bc
|
0x4f2bc
|
0x2f9
|
|
GetSystemWow64DirectoryW
|
0x0
|
0x9292e0
|
0x5290c0
|
0x4f2c0
|
0x254
|
|
SetCommMask
|
0x0
|
0x9292e4
|
0x5290c4
|
0x4f2c4
|
0x39e
|
|
lstrcpyA
|
0x0
|
0x9292e8
|
0x5290c8
|
0x4f2c8
|
0x4af
|
|
GetModuleHandleA
|
0x0
|
0x9292ec
|
0x5290cc
|
0x4f2cc
|
0x1f6
|
|
GetTickCount
|
0x0
|
0x9292f0
|
0x5290d0
|
0x4f2d0
|
0x266
|
|
lstrcatA
|
0x0
|
0x9292f4
|
0x5290d4
|
0x4f2d4
|
0x4a6
|
|
GetProcAddress
|
0x0
|
0x9292f8
|
0x5290d8
|
0x4f2d8
|
0x220
|
|
GetNumberOfConsoleMouseButtons
|
0x0
|
0x9292fc
|
0x5290dc
|
0x4f2dc
|
0x212
|
|
EnumDateFormatsA
|
0x0
|
0x929300
|
0x5290e0
|
0x4f2e0
|
0xdf
|
|
InterlockedIncrement
|
0x0
|
0x929304
|
0x5290e4
|
0x4f2e4
|
0x2c0
|
|
InterlockedDecrement
|
0x0
|
0x929308
|
0x5290e8
|
0x4f2e8
|
0x2bc
|
|
Sleep
|
0x0
|
0x92930c
|
0x5290ec
|
0x4f2ec
|
0x421
|
|
InterlockedExchange
|
0x0
|
0x929310
|
0x5290f0
|
0x4f2f0
|
0x2bd
|
|
InitializeCriticalSection
|
0x0
|
0x929314
|
0x5290f4
|
0x4f2f4
|
0x2b4
|
|
DeleteCriticalSection
|
0x0
|
0x929318
|
0x5290f8
|
0x4f2f8
|
0xbe
|
|
EnterCriticalSection
|
0x0
|
0x92931c
|
0x5290fc
|
0x4f2fc
|
0xd9
|
|
LeaveCriticalSection
|
0x0
|
0x929320
|
0x529100
|
0x4f300
|
0x2ef
|
|
RaiseException
|
0x0
|
0x929324
|
0x529104
|
0x4f304
|
0x35a
|
|
GetLastError
|
0x0
|
0x929328
|
0x529108
|
0x4f308
|
0x1e6
|
|
HeapFree
|
0x0
|
0x92932c
|
0x52910c
|
0x4f30c
|
0x2a1
|
|
TerminateProcess
|
0x0
|
0x929330
|
0x529110
|
0x4f310
|
0x42d
|
|
GetCurrentProcess
|
0x0
|
0x929334
|
0x529114
|
0x4f314
|
0x1a9
|
|
UnhandledExceptionFilter
|
0x0
|
0x929338
|
0x529118
|
0x4f318
|
0x43e
|
|
SetUnhandledExceptionFilter
|
0x0
|
0x92933c
|
0x52911c
|
0x4f31c
|
0x415
|
|
IsDebuggerPresent
|
0x0
|
0x929340
|
0x529120
|
0x4f320
|
0x2d1
|
|
RtlUnwind
|
0x0
|
0x929344
|
0x529124
|
0x4f324
|
0x392
|
|
GetStartupInfoW
|
0x0
|
0x929348
|
0x529128
|
0x4f328
|
0x23a
|
|
LCMapStringA
|
0x0
|
0x92934c
|
0x52912c
|
0x4f32c
|
0x2e1
|
|
WideCharToMultiByte
|
0x0
|
0x929350
|
0x529130
|
0x4f330
|
0x47a
|
|
MultiByteToWideChar
|
0x0
|
0x929354
|
0x529134
|
0x4f334
|
0x31a
|
|
LCMapStringW
|
0x0
|
0x929358
|
0x529138
|
0x4f338
|
0x2e3
|
|
GetCPInfo
|
0x0
|
0x92935c
|
0x52913c
|
0x4f33c
|
0x15b
|
|
HeapAlloc
|
0x0
|
0x929360
|
0x529140
|
0x4f340
|
0x29d
|
|
HeapCreate
|
0x0
|
0x929364
|
0x529144
|
0x4f344
|
0x29f
|
|
HeapDestroy
|
0x0
|
0x929368
|
0x529148
|
0x4f348
|
0x2a0
|
|
VirtualFree
|
0x0
|
0x92936c
|
0x52914c
|
0x4f34c
|
0x457
|
|
FatalAppExitA
|
0x0
|
0x929370
|
0x529150
|
0x4f350
|
0x10b
|
|
VirtualAlloc
|
0x0
|
0x929374
|
0x529154
|
0x4f354
|
0x454
|
|
HeapReAlloc
|
0x0
|
0x929378
|
0x529158
|
0x4f358
|
0x2a4
|
|
GetModuleHandleW
|
0x0
|
0x92937c
|
0x52915c
|
0x4f35c
|
0x1f9
|
|
TlsGetValue
|
0x0
|
0x929380
|
0x529160
|
0x4f360
|
0x434
|
|
TlsAlloc
|
0x0
|
0x929384
|
0x529164
|
0x4f364
|
0x432
|
|
TlsSetValue
|
0x0
|
0x929388
|
0x529168
|
0x4f368
|
0x435
|
|
TlsFree
|
0x0
|
0x92938c
|
0x52916c
|
0x4f36c
|
0x433
|
|
SetLastError
|
0x0
|
0x929390
|
0x529170
|
0x4f370
|
0x3ec
|
|
GetCurrentThreadId
|
0x0
|
0x929394
|
0x529174
|
0x4f374
|
0x1ad
|
|
GetCurrentThread
|
0x0
|
0x929398
|
0x529178
|
0x4f378
|
0x1ac
|
|
WriteFile
|
0x0
|
0x92939c
|
0x52917c
|
0x4f37c
|
0x48d
|
|
GetStdHandle
|
0x0
|
0x9293a0
|
0x529180
|
0x4f380
|
0x23b
|
|
GetModuleFileNameA
|
0x0
|
0x9293a4
|
0x529184
|
0x4f384
|
0x1f4
|
|
GetModuleFileNameW
|
0x0
|
0x9293a8
|
0x529188
|
0x4f388
|
0x1f5
|
|
FreeEnvironmentStringsW
|
0x0
|
0x9293ac
|
0x52918c
|
0x4f38c
|
0x14b
|
|
GetEnvironmentStringsW
|
0x0
|
0x9293b0
|
0x529190
|
0x4f390
|
0x1c1
|
|
GetCommandLineW
|
0x0
|
0x9293b4
|
0x529194
|
0x4f394
|
0x170
|
|
SetHandleCount
|
0x0
|
0x9293b8
|
0x529198
|
0x4f398
|
0x3e8
|
|
GetFileType
|
0x0
|
0x9293bc
|
0x52919c
|
0x4f39c
|
0x1d7
|
|
GetStartupInfoA
|
0x0
|
0x9293c0
|
0x5291a0
|
0x4f3a0
|
0x239
|
|
QueryPerformanceCounter
|
0x0
|
0x9293c4
|
0x5291a4
|
0x4f3a4
|
0x354
|
|
GetCurrentProcessId
|
0x0
|
0x9293c8
|
0x5291a8
|
0x4f3a8
|
0x1aa
|
|
GetSystemTimeAsFileTime
|
0x0
|
0x9293cc
|
0x5291ac
|
0x4f3ac
|
0x24f
|
|
GetACP
|
0x0
|
0x9293d0
|
0x5291b0
|
0x4f3b0
|
0x152
|
|
GetOEMCP
|
0x0
|
0x9293d4
|
0x5291b4
|
0x4f3b4
|
0x213
|
|
IsValidCodePage
|
0x0
|
0x9293d8
|
0x5291b8
|
0x4f3b8
|
0x2db
|
|
GetLocaleInfoA
|
0x0
|
0x9293dc
|
0x5291bc
|
0x4f3bc
|
0x1e8
|
|
GetStringTypeA
|
0x0
|
0x9293e0
|
0x5291c0
|
0x4f3c0
|
0x23d
|
|
GetStringTypeW
|
0x0
|
0x9293e4
|
0x5291c4
|
0x4f3c4
|
0x240
|
|
HeapSize
|
0x0
|
0x9293e8
|
0x5291c8
|
0x4f3c8
|
0x2a6
|
|
SetConsoleCtrlHandler
|
0x0
|
0x9293ec
|
0x5291cc
|
0x4f3cc
|
0x3a7
|
|
GetTimeFormatA
|
0x0
|
0x9293f0
|
0x5291d0
|
0x4f3d0
|
0x268
|
|
GetDateFormatA
|
0x0
|
0x9293f4
|
0x5291d4
|
0x4f3d4
|
0x1ae
|
|
GetUserDefaultLCID
|
0x0
|
0x9293f8
|
0x5291d8
|
0x4f3d8
|
0x26d
|
|
EnumSystemLocalesA
|
0x0
|
0x9293fc
|
0x5291dc
|
0x4f3dc
|
0xf8
|
|
IsValidLocale
|
0x0
|
0x929400
|
0x5291e0
|
0x4f3e0
|
0x2dd
|
|
InitializeCriticalSectionAndSpinCount
|
0x0
|
0x929404
|
0x5291e4
|
0x4f3e4
|
0x2b5
|
|
FreeLibrary
|
0x0
|
0x929408
|
0x5291e8
|
0x4f3e8
|
0x14c
|
|
LoadLibraryA
|
0x0
|
0x92940c
|
0x5291ec
|
0x4f3ec
|
0x2f1
|
|
GetLocaleInfoW
|
0x0
|
0x929410
|
0x5291f0
|
0x4f3f0
|
0x1ea
|
|
GetTimeZoneInformation
|
0x0
|
0x929414
|
0x5291f4
|
0x4f3f4
|
0x26b
|
|
CompareStringA
|
0x0
|
0x929418
|
0x5291f8
|
0x4f3f8
|
0x52
|
|
CompareStringW
|
0x0
|
0x92941c
|
0x5291fc
|
0x4f3fc
|
0x55
|
|
SetEnvironmentVariableA
|
0x0
|
0x929420
|
0x529200
|
0x4f400
|
0x3d0
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
GetTextExtentPointW
|
0x0
|
0x9292a4
|
0x529084
|
0x4f284
|
0x208
|
|
CreateEnhMetaFileA
|
0x0
|
0x9292a8
|
0x529088
|
0x4f288
|
0x38
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
GetSecurityDescriptorGroup
|
0x0
|
0x929270
|
0x529050
|
0x4f250
|
0x143
|
|
SetThreadToken
|
0x0
|
0x929274
|
0x529054
|
0x4f254
|
0x2bb
|
|
Name
|
Process ID
|
Start VA
|
End VA
|
Dump Reason
|
PE Rebuilds
|
Bitness
|
Entry Points
|
AV
|
YARA
|
Actions
|
|
micosoftsearch.exe
|
1
|
0x00400000
|
0x00939FFF
|
Relevant Image
|
-
|
32-bit
|
-
|
|
|
|
|
buffer
|
1
|
0x00B51D98
|
0x00B69BE7
|
Marked Executable
|
-
|
32-bit
|
-
|
|
|
|
|
buffer
|
1
|
0x00B51D98
|
0x00B69BE7
|
Content Changed
|
-
|
32-bit
|
0x00B526C3, 0x00B51D98
|
|
|
|
|
Threat Name
|
Severity
|
|
Gen:Variant.Graftor.594411
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
64.25 KB
|
|
MD5
|
cfda674c379bde8e9e139a020fcaa7fa
|
|
SHA1
|
411a0404e24823b8a71c9f53bfaa9f2a649c1794
|
|
SHA256
|
2b981a2f92dcef136fc9697eab54ac1c1a0d7a29098d18da02b048488fb2fb8e
|
|
SSDeep
|
1536:rL/F/zEky+7ZIF+hAqbSwf9X9Q3ExVBPW9jUbhXodmgM4:X/5yuZHbbSwf59QeBqjUt4Y8
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.25 KB
|
|
MD5
|
0737dd734a4100208ac77b45c8c80bd9
|
|
SHA1
|
73fc9edf9e48cbb6de6a0ecb6c75a059c43aa304
|
|
SHA256
|
eee35de7c073ea76f72599ea883d9e93b959d993692310a54af2df2bd53a4386
|
|
SSDeep
|
192:FvNcVoSiCvTf7b27qKRPIGsJg4RKV1kF2yAiOe8VhWrRmh7Y:FvNGiUbpKlNw1Ane8P16
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.76 KB
|
|
MD5
|
26aa56fc34dfc758b1e65c16bf1d7b50
|
|
SHA1
|
c8082d04c24452db3ad70ada262fdfc46179f65c
|
|
SHA256
|
1901336e0b275735bec35b9e39c7f5c173fb43fa7b13673ff261e2dd0479967b
|
|
SSDeep
|
48:rmfzMapoS95anGnAGajhih4etrsDJ/wjW0B/qej6ZYct15tY:+zXpB0G68h4GrGwj9B/9iPzY
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.47 KB
|
|
MD5
|
064a97ea272d31ed242c2367baed743e
|
|
SHA1
|
e164ab44b0c512761941ede30d386ac176b528a4
|
|
SHA256
|
44b35f38bf6384a8cf10631179ab0e0754e53d1a9bf4c3045b0f33bdf491cffd
|
|
SSDeep
|
48:xiEFoNXs6xmyc8DLVrROMu2O/uXUmroqshIuvwG4YQrH61IS2C86ZYct15tC:x9o9s6xmiRNeutroqshIa6B+1F2DiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
adb33c45d5c365717d71ae58e88f25f1
|
|
SHA1
|
f3576c99cea6981d60ab63c35562c7d07b03320a
|
|
SHA256
|
1f92b1d541e91e31ba83807b7bdeb2b11c9d1a4abedb47ea46f358bbc792ee00
|
|
SSDeep
|
48:o2mUcjPu/Nf649WYtd4hNu4oqt/EteO6ZYct15tS:ofjPu/B6Utwu4oqt/oiPzS
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.07 KB
|
|
MD5
|
68493680a9a22e5e71e7e2ca3188e68a
|
|
SHA1
|
878fc4404e150c9a01dc74d14fa3c7efbbbc0d7b
|
|
SHA256
|
9b3ecb32e4805d9c3a0465db023aecbfa8d4514e01037021ceb04105ac578faf
|
|
SSDeep
|
48:+Pa8Wg1CiTxniperNlA0MWzl7lhbulG/Sr/9HzxaFKe6ZYct15tC:KYQxiperNDRzRbnSBzCKeiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.36 KB
|
|
MD5
|
06e400a8f7817f8641c34a0b0c67fb03
|
|
SHA1
|
bb616f6070f4d2c371f6865d3d3fc62eb4e0f25a
|
|
SHA256
|
d18f63bfe7f12ae2f168cbf0f931cdda60cdfaada6762d4f4c88953cb65bfb96
|
|
SSDeep
|
96:NS8mHYZeJMZF3sbizJ1ZcqAHCCr/+QasrXbLNppTsfiPzMt:oNGe32tvbW8sbLNppB7Mt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.33 KB
|
|
MD5
|
e6a7fc6d876ddce3c8656c105c5d0d80
|
|
SHA1
|
a4b2dddf6962c9bb912f95c1835b34964e4f0455
|
|
SHA256
|
7b9519520dd46fc827d5138ba78f0ff88a2c221bc71ccc1b060a8dad2d577ec3
|
|
SSDeep
|
96:lrhRDVvYKwFxmIbT5FTr3uMF5FTT8RlONXc8QBNpiPzC:ZhRJvYJvP5we5dQ6M8QBNQ7C
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.60 KB
|
|
MD5
|
4f18c9a8289860a82e5ed27fd5bb6e15
|
|
SHA1
|
75583d55c7669ff0f979e2702f022817ac39f08d
|
|
SHA256
|
fe304c55313616408eb4fde4be241330dff00eecd2d1a8d0eac9d441bc516ff9
|
|
SSDeep
|
48:e48pTWBHBEV0e38ZOK1hmoqVwx+NeqVGD9K4sXni8aWGGbnYPBBupnXZXjRSGH6I:e48VWLEV0e38xa3IRBsXiTGbnYPB4ZtF
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.99 KB
|
|
MD5
|
4dc1dafa458d781cf4af67a2c9b90c72
|
|
SHA1
|
cd7ec2118c52f7c47e927ff37e553dbe2a3a87ea
|
|
SHA256
|
2d78618fa37b5c6053c1f278e29bee702d987bba761297a4eb4832028cfbcd55
|
|
SSDeep
|
48:3AgapP2GxLyuBOWeGiFmitr4s1xcIi6yJwiOYXIiq7e6f6ZYct15tu:+p+GxLHBneGilHFi6kKfiPzu
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
2b4202481c178839e02464bdd92809ae
|
|
SHA1
|
2b83f5955ac8448c2c1884a1820a103d7ddc426a
|
|
SHA256
|
a4a8e19af4603345994777014a508fa0778025fb458fc5cde4f39fd65a5cc05a
|
|
SSDeep
|
48:eMBDzd85zN3NqpG/bVIguXu0ZRHBeuX6ZYct15tQ:rzd0zN96Gz+gyZRJiPzQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
3f2f73b78f968a4e42c55944c607c4c2
|
|
SHA1
|
e8512aeefa6770136586595e3aa187389b63c7ff
|
|
SHA256
|
d23e2dbe5ebc931f237a112f10d236485e1f3b71728855096a34a53001854add
|
|
SSDeep
|
48:kpSEJlu/dC8ESNdSOKrjk6TuwZf/6ZYct15tC:JEDu/487bVYJqyf/iPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.03 KB
|
|
MD5
|
51b931e98886c59dcccac91a5577269f
|
|
SHA1
|
a2209a52a0826d495c9858a0d155ef37d3dc93c2
|
|
SHA256
|
65b001da04e585a229f7d5530e262af363c0d63714d5babda789ae6dc0fcdb94
|
|
SSDeep
|
24:g7tw9kCL4rcY/c+vELhlqh8Zg1CqNH9K/WT75rdZq46ZYct1npXv17U:W3I4oYK+dQPe5Dq46ZYct15tY
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.97 KB
|
|
MD5
|
045081f0743d75472b6e792df119c600
|
|
SHA1
|
5bb962f00ea3ce8ccabe83d9b64d096c77f5030a
|
|
SHA256
|
2416e4cb123a058bffad525912b9c4d1bfc4c4bbfa358c0fb8fe39827256719c
|
|
SSDeep
|
96:91/tgGjgjduUQGxq/LrYc5iwqtnzUGbYwvBSRVNTzaJaZI9ffBllvJsg06fg+xn7:zjgj3xULr7Ehz79vBoVAuI9xltiL6ppR
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.80 KB
|
|
MD5
|
4a3799c0deea99e3baee17a51b35c3c9
|
|
SHA1
|
f1a875b877730356110825e9d20bf2f5e74ab846
|
|
SHA256
|
25617b4742b3b26557673a16e00f155968e4b057619203a83216b5951901b954
|
|
SSDeep
|
48:B57GUd1h8D5YsmDs7UaKfM60g8w6ZYct15tC:Hnd1M5Ysr5T638wiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.54 KB
|
|
MD5
|
81167ed2ba11ec223fd237679ef34fc5
|
|
SHA1
|
79a4f927e039afaafbaecf65884ff9a3f16c3082
|
|
SHA256
|
e2807964521e8260dd0c1ad701ed15e50cc2639a38c1a39097818243ff903646
|
|
SSDeep
|
48:zcHzbGYQzgwLkPI6EEQP6D0BCe4T81E5CTjxueW+CUhGQYcJXditd6ZYct15tC:4/GVs0MInzP5/4TOE5CPxuYvbiHiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.44 KB
|
|
MD5
|
6e83f22701254ee3bff8aebd17ff104e
|
|
SHA1
|
c658862d4a582530b88e098bf38a669f78dece17
|
|
SHA256
|
9df7eb64f3f62b3899a30b4d639c7c95fed106637b7bc95200461aeae2a63cc3
|
|
SSDeep
|
24:gKX9XZzw3UhyZv+WpSYp6oj2Z56lw8QEk02ON2RdHVqY8Z8v4ePv6t6ZYct1npXo:gQ9XZzpEoWpSYgaqOwckiN2RdHz4ePGV
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.55 KB
|
|
MD5
|
bb5b56af15a8a7ba764f2bcb62c3d444
|
|
SHA1
|
078e782744df068078f6e70af19e5b266a3ab1f1
|
|
SHA256
|
1badcf92b6f6a40c55b79d95148ac4eee8370e9a432def76c02e791f0d96e86c
|
|
SSDeep
|
24:W9HDD1IqSjU7EAGlLlq5CahmfM82JLJBoWsiQzcQnLIpKwwHc6ZYct1npXv17m:WNPSjU4AzhmE8TW/QLIkxc6ZYct15tC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.33 KB
|
|
MD5
|
0a4a9c4c6cde4d272575b34146a440ca
|
|
SHA1
|
76c87675c85178c15ea4b071bd639532045e3d3b
|
|
SHA256
|
cf197306f41ec1f7aae3d003615a49e1d0ec86017fc30892a209c67290efe316
|
|
SSDeep
|
192:Am5UpA/V2mpBQUvkemzw2MRcAihNW0KPgJxZuv7C:KqN1pqUvBmjLhNnp3I2
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.51 KB
|
|
MD5
|
2de17d94e0a08bb52074e8c763d37f90
|
|
SHA1
|
84cd4c45d985d7803e5c97ae6901afdadb113708
|
|
SHA256
|
b27cfd0637137ebd39f089eaa13e1da2778bcbfdfd05eb055dbb312bdf279df7
|
|
SSDeep
|
192:a4dHsqf7mlizYyBU/1FQhfeXasj06H3h4mQd6lea/qA7Y:RsqaqYQteKsjmd6f+
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.81 KB
|
|
MD5
|
3e0a2cce04f636192d03fab47b4e1ffd
|
|
SHA1
|
89c33eefb2df2d4826ccc2c0f4d96386919caf9a
|
|
SHA256
|
28e245a85a2619d5a62561b7193d4c0296716689644dd1f1f53ed25fe7287342
|
|
SSDeep
|
48:UBmLfjDcY24Srjg6kzVZESzQebK6ZYct15tMt:UBKXe6zRziiPzMt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
a8e5b351656d1d6f66b4e5f384f8f322
|
|
SHA1
|
6fa7e87897429ff1d13ae98d913f8926b4a46a77
|
|
SHA256
|
81e1f9f9c08e2917b9d4962417152846a6d5f610928a85276108b51d89543993
|
|
SSDeep
|
48:w4TASZIF8VqG9q1cD8b0ahwITxC7ce+wh+hL/qF/6ZYct15tC:3ESZocqGe9hPNTbDt/o/iPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
7bce8bc3a14fcceace16b8f37f036ec5
|
|
SHA1
|
2bcc9b87ea216b50a2b1f93a1b39128ce24fd021
|
|
SHA256
|
d6458ec5c1dd0bbeb22b2d97ed43041072f012b3b89e6532fddb1bd6ed58be4e
|
|
SSDeep
|
48:ly51PLkWG5yTHyuGI2jQxUFAIxM+5zPSWet6ZYct15tMt:lyfDkWG5yxf2jQefM+5rSbiPzMt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.07 KB
|
|
MD5
|
42bfea7fbb935d274f535a10b2728e4a
|
|
SHA1
|
2b9d1fc2d1ca999f973feeda8c873fe38f1d9f30
|
|
SHA256
|
c2dbb77ed7c31a35b8b1aa927d94346c8a759413c8cdfbdfcd28907b9286ebea
|
|
SSDeep
|
48:118HbRkl7+hxNCaqpAXii9PiRRkL+jLdHlh0UzxLxd5EzV16ZYct15tC:q9kl7+PMArfLWhZzxLxdGV1iPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.14 KB
|
|
MD5
|
dc498a3d0a11b17235754a6b17bc7609
|
|
SHA1
|
3adc4053b6072ff2b9fa5639176c364a85247211
|
|
SHA256
|
f9ee1fcb1ef065d6c707d80ebaffbcebee58453a9ca6d56ff3e65e0bcc77212f
|
|
SSDeep
|
24:XgbHGwZkhcMIed6Bi41wBEACdsWe4Jnled6ZYct1npXv17+:bmkhcMHa31Tdhe4Jnled6ZYct15ta
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.60 KB
|
|
MD5
|
be904e4b10a0364928493eb72d747b58
|
|
SHA1
|
b8d9464c18ec1c390624316004e2e2830942e393
|
|
SHA256
|
4d785cb3499484b53aed0290eed57c7915dbfec0ae1a39d9ec4f5085b4b0cdeb
|
|
SSDeep
|
48:BztP6232eDVBm2Xy3n6IP1HEareyW4f3rxtMQM1ek76ZYct15tm:BztP6232eDVA2XuZtkieyWk3rxtm7iPi
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.04 KB
|
|
MD5
|
9cfc3b22fb7510d8292b4c0b60aed53c
|
|
SHA1
|
1ba50e35340d925627a09b851cb6e2852b5273b5
|
|
SHA256
|
85faba9cd63d5959ed22ad5f196f4ffcbc8d057e4eba13246a44136052b0b44e
|
|
SSDeep
|
48:dWfoIUUhEusnPMG9XpoSlhUfzZSUh8aHYe1V706XIB6ZYct15tC:koOfsPMGzoSlh6d82v7XIBiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.18 KB
|
|
MD5
|
f7f6cb4a4ab842aaa6af8fc231f4bbfd
|
|
SHA1
|
c24b65ab83961ffae68edf8edbdcd348fc55dd0b
|
|
SHA256
|
f0bb56c7d74938e8ba69f063c644b56fbfd796314c10bbd147d7664e8df78584
|
|
SSDeep
|
48:uXckiMOlLCuHBp1HiKA3lFLe10Pk5Icwn6ZYct15tC:RMECgjHiLFLe1tIcwniPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.65 KB
|
|
MD5
|
aa8187f17bec30217ac7b40327210c83
|
|
SHA1
|
c2d7943fde3b325bfd74183c8a44d7bf70e2a9e9
|
|
SHA256
|
d14a9a767e3aa2cc589bc7344902ebb8fb3b6cac917c1a192f7921767f058487
|
|
SSDeep
|
48:x8/4kyJEWH5rKDssjF9AzWt/tYufXFd6ZYct15tC:x8/4fJVeDsuXSWwufXFdiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
582.61 KB
|
|
MD5
|
081a9fbd9265d115933a61c04bcaafed
|
|
SHA1
|
899d60ca4266b604fd4098b648b8fcb43edb05ab
|
|
SHA256
|
b4b11d8a6d5dbf6f9fd57caac0cb38d4c993102eae02cebef8ab6fbb10bbadd4
|
|
SSDeep
|
12288:pdUhIz4FQMqQNYrXAGCXb9xf1c+iZzAvzw4Fc/A1xlfyrlA1ms:pdqIqQP46X271cTzAc4yMl6rlA1ms
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
26.79 KB
|
|
MD5
|
c81a003d1f072310750196c0434a1885
|
|
SHA1
|
3c83ba516526615590d7399f36c84fbd9e67587b
|
|
SHA256
|
fe5484699c8757e8bf2a9447a443a2579ec8723e4be149cd4a0b98c2441e3ee9
|
|
SSDeep
|
768:KNdY8ngtwx5oSqWxjS5yx/dbFNRp2bPJ2RgV:S68ngamWxjS5K/BF7pqh2Rq
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
65.85 KB
|
|
MD5
|
dd25182b81fdc5a9b06432e97f1c14d8
|
|
SHA1
|
09346bdc2b3c453a887b581d4b84bd2891eb3808
|
|
SHA256
|
19fcd1351d40a676f6265af3d2483c8fe9491f749319cf0a7af19a273f149215
|
|
SSDeep
|
1536:Iw0SdBM0LbjT+w61lizWKSj5tckB34YzVujBWb0GgEXRPSzt2g2j:IwJU0Lqw2lCSjPcS1zVcBWbvgEXRPSzu
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
c7ca9f38dff71f106aa83c256025bc4d
|
|
SHA1
|
da111b68d4e458c678cddc6614d7fcf365f988a9
|
|
SHA256
|
627c9368f7a06907238c4d0257c27c77f6c628d547aa00b0e80dc9e7b9408e9d
|
|
SSDeep
|
24:ihrQxfL5dwcfpBLM2XSQrjSzFSOj2tA5hCPfOfS23ct6ZYct1npXv17s:ZxfwMBpj2D84S2U6ZYct15tQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.67 KB
|
|
MD5
|
10e226ddb7f7456c2d3c17d423075091
|
|
SHA1
|
1b88b3937e986bb9d1711b1484edcb2c84d73ad6
|
|
SHA256
|
8dd7df65d34d56fd4cd677458ad5e4f346ea285ddf206af263e7329bdf503430
|
|
SSDeep
|
96:pDWMa8G9ALvVaJ+Y92iyhXsMvHsBpfJXBwr4t3uJIDm9n1lK/aiPza:EMB5Jad27hXsCMfJRlhuGDgnno7a
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.37 KB
|
|
MD5
|
6c5004db3ca0d71820a4759c2a9be394
|
|
SHA1
|
87d65add57d4c37bb308c739fafd33b3a6a12a18
|
|
SHA256
|
c7c4a35d066972994a2c96ca3806da90b081c7f211cd40efc57fcbd6ce8ffa58
|
|
SSDeep
|
192:NcJ/HiVBIq+7Gb3eSb/mKUJBTckdw7GKPeTv7WYXZ0AbE1LXJwdp07C:Nga5buSbFUJN7d2mb7WYX2AbEupD
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.80 KB
|
|
MD5
|
aabf934e4d8948aecd108c760e1876f2
|
|
SHA1
|
10242fd7493024ce45248bd080a8db35d34214e8
|
|
SHA256
|
c6de07ec20c280d2228a7576e866905c5d4b7bf0ff561b190ada624236df5b0b
|
|
SSDeep
|
48:8eg8+iCcSSjoBCSnhugnAbNYAM11w0HA0ndnnqHYdLEAy8fevvxNmko9C+8o46Ze:aXcSNNnhuwAbuAM1m41nnqHWYV8m3mnM
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
ee650c1a2ed7ab90d45a04e9b291c46c
|
|
SHA1
|
9c49802a6dd28ab2ce321e45ecbb5ab9e42cae00
|
|
SHA256
|
4ba5e2ac7eaa7699f85b20bd15290af8d5c60e6592f432670edf4e4c49101610
|
|
SSDeep
|
96:MdGsSob3+rZ153vkoQNp/vRhkk8L/7+pCmXHku3g9iPzMt:qrbA3soQNpRiZLDAkyL7Mt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.70 KB
|
|
MD5
|
28bcd58e786171505c4b057b3154c31c
|
|
SHA1
|
b89b049fedf557bf445edd80c41997b7ef5d19f9
|
|
SHA256
|
a43c89383b9dac79a5948083eb19b4ddada3996a09cd19895d24710c1c689430
|
|
SSDeep
|
384:Ky+tl/PjcB2DvcH0bwp31lhJ5hqToIkPwBsP9hlyQSEtD/qj4YEjW:Ky+tl/7EuvCawpLL5pIVBe9byEtD/qjn
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
30.60 KB
|
|
MD5
|
559cb1601dba792577f7d00e29e33f06
|
|
SHA1
|
187b9c0d1e13e92488537fe0140190fdcf6fd1e2
|
|
SHA256
|
0102191143d8f0b49fd327b31776e4a0ac7b34f3d7cb3013134e7de8986af295
|
|
SSDeep
|
384:ShLpqp4/Jp6nn8h19PWgNJKMYGTWjBl+TxGtlYyLWo/xH2QMO7fJSXkmyxjMnH3g:Shkmpcn8hnPEW7MtlDWmSwxjMnx6
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
b12738f8cdba4b88b6294ec452f3e456
|
|
SHA1
|
6d20b2f7e8f764fa60340219eff50f82697452bb
|
|
SHA256
|
967aadbf629708b41e1eec22a4c53626260e7c062afcefce2226d4015af8b04d
|
|
SSDeep
|
24:kSCTJgR8sw3IUoIgvB18HyoIZoC4sOhrhBWS2jjYXt6ZYct1npXv17s:kSCdgnUCvB6SL3CrJ2jjYXt6ZYct15tQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
16e33af82e16ac82a340dc8a6c34fb07
|
|
SHA1
|
941995bc25865102da79c0ea9009fef197bd17ab
|
|
SHA256
|
b18e3089ee3f67041f68bcb28f43daf5cd10317db35cb31079137410b8b60ed4
|
|
SSDeep
|
96:786OHiuuAHCry8n4U2pkOfBcTMpVqVlAaB0BRwHQsmhiPzMt:7doifATmlEeop4DOB9smo7Mt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
582.61 KB
|
|
MD5
|
9d1ac4ab649aade73f5a1f59651c315f
|
|
SHA1
|
80b1dfb8e806d4a1bf56d186f8902ed5b21439cb
|
|
SHA256
|
cb84914df057600d2ee6d5b6cdfc86985b292a50c5c0559370139ba407205e78
|
|
SSDeep
|
12288:kybf2asZgvLiC/+z0+jP8JRUfariT/G04Gu0jvkCTXLm9bRxoYELt4tMifV4Lco4:kybfZsZgDiy7+EY0b04GJ1U7ontyMLwd
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.51 KB
|
|
MD5
|
5d886f460eb223fb26961f27c5117275
|
|
SHA1
|
c97028f7dbbd9f885445b7ed2f13d8559ef98ad6
|
|
SHA256
|
838e0cf926e905ea757ffd9384f433004bd0cd7d7c36816fc34d992a2e127ee5
|
|
SSDeep
|
96:Y8wKMxJbNNMnYQW+9EYbHGr2ymsLzijT3ZkwsbwlYhQ0FNAlTI5NnKC3Xzz8O7oV:YoIxNPQWMarhFijqw2rFjNKC3jzzJ7a
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.52 KB
|
|
MD5
|
fc6e26951cff53a432d94cd4b6e66a51
|
|
SHA1
|
bcab79a60854508a15041c1a858ac5e1114dd2f9
|
|
SHA256
|
86ea446c4a7bfeb7490dff76fbe222ffac67150a973496df7b16f4cbcc4b1252
|
|
SSDeep
|
384:EqHY8gPQKGoKAyuyvm5We5RrpdyeTqXh1pdiT4mrMPPQUITy96yI6n:EqHY8a2oKKy8Dld5sh1PQKQU39Rn
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
218ce3786201998f917565dc29590600
|
|
SHA1
|
28078ec66edd7debe65289aadcb805e1957fdb5a
|
|
SHA256
|
9767642b3bb88c5e325d67bc55a368d9f66419dde5ac33b8f4ece026e9b6fb6c
|
|
SSDeep
|
96:TNIkzjBr9/1VteSqo6NYeHiU7vlgGbE9xJykrRS6wDM5iPzMt:RIkZhtVtepFiCvlgGbE9amzLg7Mt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
20.33 KB
|
|
MD5
|
22e02b10648cf2cfc40d2209052f9955
|
|
SHA1
|
1634ef2ca2ba8ebcdfd5c1453c582d592105f123
|
|
SHA256
|
b291a26d40e07c8e13c618640b44c3fdf53754480cf0ac632c0f1307a1e617d8
|
|
SSDeep
|
384:qJBp2c3TsXaPSHNEOh1O9AwWl6g985lpcc+FWyIVDHyCfi+JwH:2PSTHj1Eel79857ccXdHyCf9C
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.56 KB
|
|
MD5
|
7123a9b39cfa2b28b7536d7d92ee67b1
|
|
SHA1
|
9babde5301f37f23764f7098f47abf13a9ec0c32
|
|
SHA256
|
c15d26858a36a123a8c4ee78c19260701bfbdac78c4df9ffa5618b6be521ea71
|
|
SSDeep
|
48:PXiqLvrIWypEpDFI+XMrNnaC6MoRKeO26ZYct15ta:PSqbrIW6EpJsNKMoR1iPza
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.27 KB
|
|
MD5
|
906685a4e54e4952774cedcc091cd940
|
|
SHA1
|
2183d0b0727db73266e045c0b6f4a60d45519a38
|
|
SHA256
|
b2e1739fc25c0a98e4e4588e031805b5e424b3ee152ab0f25b46565d79239f27
|
|
SSDeep
|
24:sEIflarEL+/yEXfhKV9d/2pi7428ouMtOoueBXugY0If6ZYct1npXv17ot:sECa4JahKVDsoupovk6ZYct15tct
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
14.94 KB
|
|
MD5
|
3af4becc3a54a136f4513257fd93b4a1
|
|
SHA1
|
26c2c813dbcffedc424ae2160c0eb11f2abb6ddd
|
|
SHA256
|
5a33446fbf3370b21549f56edc205af20884b072836dc43997f8d94e50690f36
|
|
SSDeep
|
384:2XMvxK8vRywS94Wnpvl08/Aqmu5FHT6CGEpScRksY:2cTRFE4WpGIAqmufzrGSJ2sY
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.88 KB
|
|
MD5
|
86af10248c015f591af2d226f278e863
|
|
SHA1
|
5678cd372c16abaf428586c575663f40034a6565
|
|
SHA256
|
5e7af9eedeb9a9e6b2977b6d1d19349c2d96fecea91795ff71b6542308234995
|
|
SSDeep
|
48:xVelrPDhYtKFPb0e0iNJo/sdF40k8DHvmJd39oykzOnf6ZYct15tct:xVaVYu0of+sF4N8bmgKnfiPz0
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.76 KB
|
|
MD5
|
bf0cc48f9d969a260dd8babaf62ae32a
|
|
SHA1
|
b99b1a9d27c24872a64970ff0f8e20cc6e45ba79
|
|
SHA256
|
923ec74497791a5c443df2308ac76140866269c95e47a8af0042df2bfaff01d1
|
|
SSDeep
|
192:EvR+V1nqtFcuqFUa34jhQffrWi1JiEBsFNWDfQe7kAaN1NJ+eMjU7Y:E5+7nqtFcuMUhQffrW4xB2GfcXN1NweI
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.27 KB
|
|
MD5
|
a5469a062e4ae7939f16d9a4ecbd54ea
|
|
SHA1
|
dad78528e22c9e2e3118c07bd3198d479722525e
|
|
SHA256
|
85b210908966deb0833055d465273ebe7558bc1f015427432e80d8eb1d7797ee
|
|
SSDeep
|
24:X9+CrDMWD1qStJVvelejy+yVxTv6pKLUn5ji1K77LQEx0GK/BUE26ZYct1npXv10:ACp1NBvecoxTSYLM5jOK77L5K/BUE26W
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.13 KB
|
|
MD5
|
8ceb21de013c20ab8d7d9c8831a67075
|
|
SHA1
|
dcfd0a90ce3d85de7558dc659facfa71ff644f0a
|
|
SHA256
|
940dc53f00bb2f452f828a4cb7b64101e5e8ca0d7776f7ed01bb9817feb6a36c
|
|
SSDeep
|
48:/zKMb6FgZ1lK/oSpmlxt8IE/M9xklHUydhjmM5jU26ZYct15ts:rKMb6ynlK/oSgloakl0yddvXiPzs
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.56 KB
|
|
MD5
|
efc2c85ff02768cb62023a83f881ac1a
|
|
SHA1
|
dae6794fdb279cbef9732f440eea25277ecc3468
|
|
SHA256
|
c4063a607b985e118dc2ada7b1901f7b6295f15a4ea86d2d7c8bb49a9b9cf480
|
|
SSDeep
|
48:JL6PqbSQj+8xKdUq329Bjw4EjtYFxxE26ZYct15ta:96Le+0KdUCujspY9diPza
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
3fae5db09d747f2ac365a029a355eac5
|
|
SHA1
|
0027cc5f0e3cbfea189d5de264ed8e142f5f5f65
|
|
SHA256
|
580751eb5bafe2d2cbda44091450c59e3541bf605ef6ff2a11bff89bda789720
|
|
SSDeep
|
24:Sa4nS/BuGMInbLvUECy/HXm6bu2WrYwwZea9u+WS2E6ZYct1npXv17s:Sa4IBukbLTCY3tfWEwwZe0uI2E6ZYctW
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.76 KB
|
|
MD5
|
f0e7ec78e56f9b6af4fd197a859b8bfd
|
|
SHA1
|
f46a76397f1ecac9327db1a872cb5bb8f00f1e91
|
|
SHA256
|
772ea7ba3c0ffc6b811736af4e18ded174c99628935d4d8fce2c24796f42fad8
|
|
SSDeep
|
48:9ZaKUFed9S+qlNP7KvmVJCzvglpm4II6ZYct15tY:9ZB2+uPe+vC0lpfiPzY
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.47 KB
|
|
MD5
|
796c7b9a2d94ecd65c736086b698e87b
|
|
SHA1
|
29ee5eef3653214a6b0db86a162a065d3bd0c451
|
|
SHA256
|
4a0443879fbea02a7f6bd7e9338a492805b7b4d367431684e19808ab2475822f
|
|
SSDeep
|
48:maI/nfSd02Nhm7a9nQtqG6qglBDqLzvknnI//3V7vNk4wl6ZYct15tC:tKfc02NXFFqglBDCzsI3lRk4wiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.14 KB
|
|
MD5
|
5df3a630934e7852511508b898e54c5f
|
|
SHA1
|
12b6315b3a5f4efb1b6a6b3bd37c828da6ef0ad1
|
|
SHA256
|
4ce01220474164c2be3d4a7ca8b40dec734bfdbadde46433263988b3377de09b
|
|
SSDeep
|
24:NpC4hsts2pmIIs/UPQ+IoSrBaztH6CtBnsUO3RuxrKHmo62X6ZYct1npXv17+:24hWBp1IRPLBustH6C0UOBU2962X6ZYn
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.80 KB
|
|
MD5
|
d602dc5e0df354ed90064274f0de02ad
|
|
SHA1
|
bcde260c7aed54f3a16a55728a191ab989642929
|
|
SHA256
|
5003122739b3d758cde65c37568daaf8bb7412307434175187b03b5d673a29cf
|
|
SSDeep
|
48:u2va8He35qDOxUcpGuhVYVhLlWIYcJb7tTKvDr69bUlfg+OkCxNMIaN2Z8+BRdZQ:u2vsJqDOxUwGsK7WIYcj269b48LXRpHQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.44 KB
|
|
MD5
|
595c53c97a5642e2ef597f76dd4ff6e8
|
|
SHA1
|
ce3878eb8e1557473714818203989852d7fffe47
|
|
SHA256
|
20177883e828473672bf0b4665d1d7bdb8d01a0023c270c0878c1a0c6c557c6d
|
|
SSDeep
|
24:Ye0gG4V28ksUGzJEraPdXJ3F7Nt/QEyNkUNThyJyI62Vd1g+OG7jY0/uz6ZYct1u:v7GS7J1lRfrqdujdOG780mz6ZYct15tm
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.04 KB
|
|
MD5
|
cfce8559a18518ec978ad538fe96cb46
|
|
SHA1
|
cfc1b78792fd1287b0aaaf06a7e7a6d40b6f1091
|
|
SHA256
|
e82fdbad1e0078d9f3855cddd20cecaabf425196dc31e5e0edb369d8c23deed1
|
|
SSDeep
|
48:18pNga8tU/GAyKuOgaXziAMXZSp81DsYkbSV566ZYct15tC:18p+LUByKuOvXOjEODlkbSV56iPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
69.80 KB
|
|
MD5
|
e081e0c109b875d9eb5a6a67a6913e8c
|
|
SHA1
|
a6e674603b8a1dcb83ac31dd83d074a6221ac705
|
|
SHA256
|
1ba26d0961342711e9afb55f2dd3ea3f7bfdb3603b4d6a6b36aa58596f98481f
|
|
SSDeep
|
1536:bnkDGAV/fyY2X4VEHqF7WWuYWf2wHfox2y0sSJqi61uLs1JK9Nd7WNQPjx:bkDnVR2X4VEs/uYWOw/ox2Fqi68LsTK7
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.67 KB
|
|
MD5
|
896239c95033746da5b0593ab76e2981
|
|
SHA1
|
e38d71abe168b0e78dae14c2fc6b3620fd31aab4
|
|
SHA256
|
64c8a5d729dddc477e37aba47ee94a824f3735b621f520568a8b560eda0ddf9c
|
|
SSDeep
|
96:nw92gB7JS51HDerGmU4lPiiMibGRQpKsPEZr/GScdMYHDTiPza:nw92U7Q/DerGmUCPWWpKQEoVdMx7a
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.65 KB
|
|
MD5
|
8c0654a99d2014b1b6f75ccbc9902160
|
|
SHA1
|
3e15f188c22c02ffdb83f7bd9e3d9e03ab75bd5b
|
|
SHA256
|
6479c599ce4ba296073bd0c87603bd06f350fccfcf01796bec552e6e7dd38da0
|
|
SSDeep
|
48:K4uOLd/4bxrjV1zTqrmo9tf1wW8wmUPJzKs76ZYct15tC:K4TqV1omgN1w7/Ud97iPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
37.04 KB
|
|
MD5
|
746912baf4c34204eda9be1ee5345411
|
|
SHA1
|
adcf9cf39d2a29054c23bf7a23c15426b5bea8f1
|
|
SHA256
|
334ac196827e472e6f6f386169a58fb9d2de1c0b2fd343ca3732ca91694b8d8c
|
|
SSDeep
|
768:+I5GQDZocy6V5qc12MNuVEYyS6BqkhWSml/QQqPRwmF/kuxEZ:+q3Zoc9V5LoVEIkhsTqZwmF/7EZ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
26.54 KB
|
|
MD5
|
013834cc4706c1a5afa6c74b44bc4108
|
|
SHA1
|
d40c28d73ddf1209a4d72ea8ccabd6846a3d39d1
|
|
SHA256
|
f14a8e7ae1fade5df2a6575c3c1b08391e27da1c7558a3faa40f9397ec009f4e
|
|
SSDeep
|
768:DpMknoaVDiv1JG19NBYEkwTXvQ19vvuboGuOEPoC4Nep:9Mknoa1uE9NBXkwTXvQzucGJeoCqep
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
26.79 KB
|
|
MD5
|
6e79a27b13f038c0b092d26ef063943e
|
|
SHA1
|
f5b1a40592ad5799200674f71b590ce5dbaf29b6
|
|
SHA256
|
e63ea34435352239a238af8099d748f94950efedcad04a7eae9e38bd2b83ef4a
|
|
SSDeep
|
768:e12+7uAWyJct9sNLJskMlcQdaBDrfXDrhOMu+HshWfdTPDt:e0+yFyJk9sNdMxaLZu+7fdTPDt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
0485b3846594be1c954732edc73bc455
|
|
SHA1
|
364c7297b8df8b05e8a9e7b53d596b6385c3a1e6
|
|
SHA256
|
fa97e40ce0fd2d2fc0ae53c394600e02a52a74b6dc82bd98743f4c11fd965cfb
|
|
SSDeep
|
24:kpqH/bFL8MMOZM/CbnAAirWUD5MLfZXm3jh0S2e6ZYct1npXv17s:Sqfb6MMOZbZ6Wa+fZXUuS2e6ZYct15tQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.60 KB
|
|
MD5
|
f3164b82a0f2caf12cdf51018b029959
|
|
SHA1
|
01837ab3b8a46df72f170487a44923ff4fd8dc33
|
|
SHA256
|
0b6131bbdb2ddd2e1615e982c6560999e09242844dcf7dfad79dff12c0b36275
|
|
SSDeep
|
48:5cN8jHe2t/n4An11V7YfX966lev/9gU7pix1G6ZYct15tm:5V+6nn1V75p317piSiPzm
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
582.61 KB
|
|
MD5
|
6e3d22f5b14d499e52bacfb250a446e5
|
|
SHA1
|
9a04b9e815c7be42f6af8742f23b44419eacb22c
|
|
SHA256
|
18ea92d639a5a98dca495cbe2a650dfed7cac8e6c66ecdee68bc3d258d69da79
|
|
SSDeep
|
12288:gvWDuwWAv1L1drXKuwDirtPTYpkU/6fNds2UocowzqhfjkvJ:5/ZkmtPTuQdsloJfa
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.54 KB
|
|
MD5
|
27ff03a7c9ee971abbb8e7e7571049e7
|
|
SHA1
|
f45664deefa715a711da991f0a804f5b87ff8b80
|
|
SHA256
|
b70d30679ab6d682bc80905518320d24a294d91e2c12e40de6756d6c78c5b530
|
|
SSDeep
|
48:VqFc0bR9ei8UgVfd4jJiKLKuhAgDAXsFQSR3VhbcdzKmPe+h2Q3avOJ6ZYct15tC:VqFSiFPZhvb7Rfbc1Kx+hd3wOJiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
17645749a81c9d4f2a018ce252a81af3
|
|
SHA1
|
3bdfec5c5e6709dc9e207d6ad6bb152627a95c5b
|
|
SHA256
|
e92c78eb2c1442d843ab4795a9becb6c1c5ffda54e549742085a8a723b96c107
|
|
SSDeep
|
96:DGNAHw6JM5OaE8jDo1hHH6NZoXnNYeaKORJVZqbXewhHxFiPzMt:qNAHl2zTA6leaBRJmbXewhRU7Mt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
65.85 KB
|
|
MD5
|
aef024009caa17bba7295e7a571ad6cf
|
|
SHA1
|
6c20ac0294916eb0e7f19a14c95dcdb3f01b3d39
|
|
SHA256
|
15ccb0cabbd7b1629a82b27422ffb5e6085029507354d548eba9102b53022007
|
|
SSDeep
|
1536:4GAnpoyYt6b4Z4oEGJT3CcTJ332kOYPJ4dh+/2Sxf8bACl7eGu2:OnSyYt64rXJn2LX+/CE+ir2
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.36 KB
|
|
MD5
|
658c9d0411408533a1333669c3ba090d
|
|
SHA1
|
a38b881b2fed258aa22cb7fff99adb1523a9372d
|
|
SHA256
|
8f5166c29ff0c319a1400c2993bc366ca20be852395f8e77684bf70b4120a89e
|
|
SSDeep
|
96:KqytYfh90ZXPXw6weX2sf5vSOQv7CUHCKniPzMt:byi0ZXoIXJvTQv7biB7Mt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.33 KB
|
|
MD5
|
781f585a6cc8a1134372aecdde3fa8ec
|
|
SHA1
|
2d0b2616e05241987b709f3349b9f12fa72ef2fa
|
|
SHA256
|
6948c2153ee77aefaf694b0a69ddaa42f432e2c376e5f80671d556d0415c1dc2
|
|
SSDeep
|
96:RSRIOEZGciwfkZeRp/0oFTi9tSS0I3YxP9k/b1JykomH2nmQiPzC:xVG0MZho9mn0IGP6TbytmKY7C
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
8d18228357b7ca699f80d563c21296a5
|
|
SHA1
|
1048949f6d53cf2aec92f83e82b0cdb491f1e445
|
|
SHA256
|
b29d405d27a9a9c2bcdafd485763f5d5280e81aacf63136f5b0041017eaba433
|
|
SSDeep
|
48:zI4E1zHQRnNMkCBupvA5wb0/yNtVf6ZYct15tS:otHTANA5V/yFiPzS
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
855.24 KB
|
|
MD5
|
b4ad1e1909e18d6f7601c9db9a87345c
|
|
SHA1
|
f4008a9250700df6711d8ef07e27e56c5dbd3b49
|
|
SHA256
|
31b5d59ebc341265ce76ee2f893fac2502398ede8deadc3ab17b64725ad97a25
|
|
SSDeep
|
24576:y3bXW/la+4qIqsrYFhl70W7sfGMJ4+uI2OBqr06xErO:OXCj493u+uNOBqwQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.81 KB
|
|
MD5
|
dd00df821012fcbf5993797e3c0ed520
|
|
SHA1
|
6136b5109cdf4acb55094e10c49c4aebf0c7bca8
|
|
SHA256
|
a113771094757e94fe9561a59fc3effe83fb3e0d77a1a750db896a573945abc9
|
|
SSDeep
|
48:TScJwdEwyCkvAou8uuyCu1C5CMOfEH0iJH6ZYct15tMt:1JjwyLop8uuyC1CMqitiPzMt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.51 KB
|
|
MD5
|
396400f9c07561b6ef3f0a319d158803
|
|
SHA1
|
828444172aff6e967b20ee5b5fd6dbcfda3d6ebe
|
|
SHA256
|
84a4eead20eb37a6a3327c738841f73a9187feb12c832de5aa1cf91bf5fc3a98
|
|
SSDeep
|
192:YqAU3+ezcXO9Yogg0VIbS7Pty6IBgpRwqG0M7a:DAU3JzIOlW+b6IRB0wqG0D
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.52 KB
|
|
MD5
|
a981730faae667a034bddddf3ee04abd
|
|
SHA1
|
9bec2e6df84271d19ae18c592090198d99d1072c
|
|
SHA256
|
dbdc92df85483a085bc9a2ac5ee4b0044dde3fc295de2d4da3437477a5a47923
|
|
SSDeep
|
384:+a9JFux4tfJ23rqE1a3KP9iNLqIZa6a3G+B1byEdEzJH3:/uxSe/1FiJVZza2+7byYEzR3
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
ba73859682be9d6c99b32f890e9a18be
|
|
SHA1
|
814bca209ce1a6a4c22e3b9734f7f664ac681958
|
|
SHA256
|
2255e3c8464a707419f1f1b8a71b09a8a14b65a6c8b399f077d8ce7f8e0e3461
|
|
SSDeep
|
48:plyz0YBbdg2BsHtWFUPgxLelFTiOlte6ZYct15tMt:plyzNrgezaPIeXMiPzMt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
860.74 KB
|
|
MD5
|
a2a2b506e2e95d849002685928e858b2
|
|
SHA1
|
b92d9f5056cffcbe287f23dc66e714a3f511206b
|
|
SHA256
|
a8a3629d71293b0a2ab49824546b34571312c528d539d07d2ef990f1804d1efa
|
|
SSDeep
|
24576:A0xC71U+1AVHvMgxqsoimIm3NXGgZ0yWZvHjP1Iy0n:Oa+1AVHkgdjZmdRsZvHjP5O
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.37 KB
|
|
MD5
|
b00af5bc13ed219ac28d1dd4e6917518
|
|
SHA1
|
e52de4803a6d6358d39241b6645e37a0aa1175ff
|
|
SHA256
|
b0e4cb1a60ec2a615a9941297dcc9ace23c6497579ac7b39d4dbaa345cd48b63
|
|
SSDeep
|
192:JCIVkI7RCPyM4yxIFqPuQLOm4slY0ave+uY/zY+oTpJVZJ+rIsB0lCb5ZwOELnc9:JCBn1RZCmXlY7ve+rYrPTs1ilwZFJJ5
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.18 KB
|
|
MD5
|
97888f811672d039e1778224f3b9d2e0
|
|
SHA1
|
5bfffdbf6e1a30989d0c58525222f8e4933b4cd8
|
|
SHA256
|
871a530f4411be738045698db582494c498fcf58962d5ba26c7d8702a9b0a8f5
|
|
SSDeep
|
48:xxTqlSycHT4LCGFETlz57XbnEdh7488Nyl56ZYct15tC:xxTqlsz4X8lF7gdl488kl5iPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.55 KB
|
|
MD5
|
4ac8a145983776e0faeafbba388b8056
|
|
SHA1
|
b7a25f83502e98b2ff34d3db45120ea3e6b25c29
|
|
SHA256
|
69fc476776d45f8cf0cf9114dba8ececf06a5f5e7f16076987983682182243a3
|
|
SSDeep
|
48:Gadq07bZoYRLyAJff3DdnYw9aaDjyzRjU6ZYct15tC:57beYR7JnFzqoiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.07 KB
|
|
MD5
|
97f2711cad6d18cf7223b6bb96d0607d
|
|
SHA1
|
cb5c4eec975981ed924a278e317f96af63fe2335
|
|
SHA256
|
0943ad0bafb15489a1048228fe2c5f0d9b2f50d8aac1c0db788b8b4d6003fe4f
|
|
SSDeep
|
48:oyz9o5kFp+/w1i5ucJMfBmYMv8uCwcGzH9dMw6ZYct15tC:oenf+/wi5uc5h5rcGzddMwiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
1e44ba946afc4e4252b0933cd657d413
|
|
SHA1
|
f9d4cef10dd4b09d5c860e77111bf5f880018fdd
|
|
SHA256
|
c91e77f18d09d21dda64ea1ac579065a7b3a5157d5c94c98d6b8527b240cf98b
|
|
SSDeep
|
48:/Avj7lulmDS05hr2Jha+sLpkIoBzHjR0uPZs5a6ZYct15tC:yglmDSE23aeBzyaiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
82bb9f8e5557ee40ac9f10e0a4727f12
|
|
SHA1
|
ebaf078cbbdfa6051d0b6a1edf3189da780fc760
|
|
SHA256
|
15a9b5d2f86eaef01a94294927dcd64f266bad271c8b8911f202c1c816538e49
|
|
SSDeep
|
48:KEXzV6CQyTUwEQ9Ub2JXDrbEvd9RlZ1bKI6ZYct15tC:KEh6CVTUwnztD3ET51GIiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.03 KB
|
|
MD5
|
d01ad409294143ae908e312eee062930
|
|
SHA1
|
84e8ec92e2923a555421f8fe27cd54f36d7a065e
|
|
SHA256
|
abb6d30cdaeed8c1a21fac1526ce71c4cb82f9048303e36a93f07d61f87d2c8b
|
|
SSDeep
|
24:gaMoGtwEq2Q2Lkb/cLt7zMsOK/L4zcPDZHrhXoobo6ZYct1npXv17U:goGt+2Q0kApFOUswrhNo6ZYct15tY
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
30.60 KB
|
|
MD5
|
266a3b97f51ef335e0534a5e4222eb7e
|
|
SHA1
|
779bc4466593563c4f8ffff5870e96acbc23d046
|
|
SHA256
|
50b1072bae4e8f803a3c20d807dd5236712a77b5b04ac7369d628bcbebb7760f
|
|
SSDeep
|
384:kaxl/9R3kaGJ7msoJ5ceMXBAVFLW+OKh8x6WBztMeHEJgDI1zEsmLd6s59Jno0Ov:Fx3R6mwe8B2gw2RB+eQdzoLoF0OuFK
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
d205f166c9187573450afa4653bd242a
|
|
SHA1
|
17301162a03aa4eac2082654f3d5c13dd6d78b92
|
|
SHA256
|
b366269bf9e1dd37db7b24a9ba9450b608541b0f9eb0a6cd0051662cd794049a
|
|
SSDeep
|
48:0rBphMWggpsc7pl2bOuzKkhd4LdwdR6ZYct15tQ:0rxM3c7pl2bOuOk8wPiPzQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.97 KB
|
|
MD5
|
01e086d7f1dfc0de06e2a4286ae83d68
|
|
SHA1
|
faba56fdc217ebe31322c4a674a6019b0e8cb38b
|
|
SHA256
|
634b3f473386129ad2aa24a6d9c983fc28820ed906014b45cb865b14afa9e42c
|
|
SSDeep
|
96:mT8JZIohUeHlCChlIamJBf11jGXGqs/tcOa47M3f0LaNy7rG4TftqS8ixBBYmL8g:dvUDbJBfj0GqsZofqLNDs7ixHxPJrmVe
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.70 KB
|
|
MD5
|
830691b54c73c535984fc362d585db42
|
|
SHA1
|
a7802c776e219630aab43555f649619174f540dc
|
|
SHA256
|
b79592eec137e8519598e9edf0ea50730d6f1a6818c409d592ed8e5bcf634cd7
|
|
SSDeep
|
384:9A5WJhLWy9RAbz2hzK5jfYQ/27pYArQ6YwPqB1EughysQsQuwbYsrFH:9A5G9HA375jwKCjrQn0JYbYsZH
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.07 KB
|
|
MD5
|
51e90e12164901c4cd8ccc51ce84b020
|
|
SHA1
|
a9f79e08a312dea89f65355a19fae01b8d7abc45
|
|
SHA256
|
1f9f4582ab23a7615d73d361f5513590fba4ee42d2ffc70b34922dd5970d7dce
|
|
SSDeep
|
48:hm/rOY5sJTiwHuV2lVWh9rVXB1mZYhDtL0x3CVCeDOwCVaOn16ZYct15tC:hmOY5wT7YQVkrtB172CKaOn1iPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
20.33 KB
|
|
MD5
|
ae0b523b0f81b3535170f35392430cd2
|
|
SHA1
|
fea55d31821bf976e21d38249e52199b915885a8
|
|
SHA256
|
439eed7077566acfbd3764faa945fe55c9bf907fd8975a45773c69a37f852a15
|
|
SSDeep
|
384:iD0BNym1Nh3OHGu9Ju6BjABbMH0A7nHzl93MvjonRAlfaXIYlzZ:iDiRreHGO/pYIFHzjUjsRAFaLlV
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.76 KB
|
|
MD5
|
486daf8f466a37c9542c3485bf0e86fa
|
|
SHA1
|
d97e7c156162198022762468ea71d29784eb3a4d
|
|
SHA256
|
31de6fe3dad460057d6b8d3621e37944663cec832576aa8a0fe8c40cf4be4075
|
|
SSDeep
|
192:v2w8CsRzJY23IAkK5Q/g45wKSmlj1zVUgZn+hAySj/Rq7Y:5mSK5QT5q21zxnyrS1/
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.60 KB
|
|
MD5
|
fcb65d69f8bf203ad1cdcc01702f7446
|
|
SHA1
|
a65d90d4be31d3a36314c8edc9c89bfb80e5a168
|
|
SHA256
|
bca69e963a35dc6dbbce48c73e92f35cd635eedcf3157da113a58c315f04a30b
|
|
SSDeep
|
48:01Fv6TqO3qXXfK67YuImYTIGKpWOx/nB1BqaszzmCXa4H6ZYct15tC:01JccnfK63YTGx/Nqjzmv4HiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.80 KB
|
|
MD5
|
4e1ee84aa97bb16d93650c0dce5aa9b9
|
|
SHA1
|
e70d24e00731fb3cb209efe4c66bdbf8fd2dd54e
|
|
SHA256
|
e25eb4648831c0a6dffbbc43eee6721e085243904008144ac58fe0466a85bcfa
|
|
SSDeep
|
48:IJ/N9cyOsdiYd9sfOs5Zy1MRTwjo0+qfkW6ZYct15tC:In9mDYYy1MSMXWiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
865.24 KB
|
|
MD5
|
70ff66a908e0527c2a2d5994c7baf101
|
|
SHA1
|
7c6d5dfc6a07f673b6995b400ded7b75bdd43a6a
|
|
SHA256
|
6470e9900be05506cfd8961c6e359bd231e67c7638465162ce9a55053201e737
|
|
SSDeep
|
24576:i0Dx6h8Ak61UQGBYi33pTU4B8mN0ZPhtBcetyMzCmSumTrA6d5v0:iwAkTQGYi3prN0Z5UBfumTUss
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.33 KB
|
|
MD5
|
48ce635a4c4d44f3ed9f22c3bae63347
|
|
SHA1
|
f47cc7f56d56968174352da5698e44aefafa2030
|
|
SHA256
|
87af5e853c1fb90b3f5ffb2f986f14e0548f547c5d2aba92d081d55596fee3b3
|
|
SSDeep
|
192:lM4EkJ16NcIzBUtv1RvJxJ+DNJ3oK9K593O7C:G45GNcNtdRvJxJ+DNJTK/l
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.94 KB
|
|
MD5
|
9f21dc399f85ddda532c9f0fdd6cecfc
|
|
SHA1
|
79f50f5871f3e44951032fa350b373b45a36c211
|
|
SHA256
|
ebfac267e01f993f33411ed53be99014635f55fb7840bbd1defd609fd0377294
|
|
SSDeep
|
192:j3EHbwwRKmn/KNRs7jvng7mDqrUDwntZIuHSI/pVT6SG/Tf3g7C:j3EH0w0m/KujvJDaUwnf5yQ6SGrf3P
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.04 KB
|
|
MD5
|
94269842824ecd97861fab4317ad96d4
|
|
SHA1
|
df358224a6101eb8a3506cd3459ceb7afbb05dee
|
|
SHA256
|
5a45495ed4e3d3ac4a9be308555c58fdee8d97c9a46583550ce7d9bd5bff24f6
|
|
SSDeep
|
48:fr5BV2io5P4ABQ7Ev/085+P75mKa/2n/goLj+q6ZYct15tC:Tzoio5QABQ7e0u+D5mKb/gzqiPzC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
38.34 KB
|
|
MD5
|
49ce95f15543ae40cd079bb86c4839a1
|
|
SHA1
|
f659ec3ed5518de104afabebbf7a90ad3cde7186
|
|
SHA256
|
48da234345f767fa114f65825f7bbb4bd3b8b143845b434c7344df03c3d35bbd
|
|
SSDeep
|
768:SsfGum0TsS3+SNosADUncs1RCCEyQ6V8zaWjMY:ZjoSOCoZCEx62zaWAY
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.99 KB
|
|
MD5
|
3d9f730c41ac6d0690779d25134f83b7
|
|
SHA1
|
b615ccc3d81cfa4f0840508c6f1557a1568b4462
|
|
SHA256
|
9c152c7bebb62f6699ebb93e42177c9435d5b9b6e5c7da2afe7faa127af20c92
|
|
SSDeep
|
48:2ZqN+CMaOHBzDgkBkwvFMNwADlYuSOzht2BiE8bQXZPf6ZYct15tu:X+h1HCY9M7BSOzLUD8kJPfiPzu
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
848.75 KB
|
|
MD5
|
b844edb13bae5559511e51d67d5267cc
|
|
SHA1
|
bbdd159f7e3eab2b171d76a07b8cdc0ebb0d146a
|
|
SHA256
|
d1e3a40185738e27e28ab84cc58327c9eb47e2d2c16fe64a888b308112a7e988
|
|
SSDeep
|
24576:ZGlXVUWf0NgAgfwOArotnnBSJCG9eSw50CmvjY:4pVrf+gTfwOUozNG9eSw50f8
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
11.43 KB
|
|
MD5
|
066134871a0afbf3d647f8ae605cea62
|
|
SHA1
|
504ec9febfb4415684b10ef9d1e9f87d454db4ff
|
|
SHA256
|
5720877f1204d0a48ca4a52d3208e97306996a4a302f63c9a69aa089640302df
|
|
SSDeep
|
192:roibaA2KkkJ9tJTeVsTPa4pIs0D35oUNYsot1yUyqW1WiUfrBugiE7u:roeOHkhNeObIs0jyUNKJ0TFgQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.60 KB
|
|
MD5
|
5bec60a21263597b62eec131a8783c8b
|
|
SHA1
|
328a612607d5137da5f0cee6eba2cf986d25a82c
|
|
SHA256
|
05ffd03a295f56b4d84e285226358e9c01f873f437d2c3ea0e0fcf32e8f37ab0
|
|
SSDeep
|
192:yKHzCDT6Gwn80eGKLw0I30HTAvArPHRbgCDv/tmX7A:dYufn80n0lzAvKHRUc/0k
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
222.21 KB
|
|
MD5
|
9d51ca2219c9aa41396bc55c02b1c68f
|
|
SHA1
|
2a6c09332ebc9b32cdc329444633844c2baffa4b
|
|
SHA256
|
bf41fd7bf204539a4734095d7016b318931f072e75f42b178468061609caa364
|
|
SSDeep
|
6144:lAlgUnkALybucwvq6HewHhZ2H4UZV7ehP/d98Mtq:lPUnkdbfVwBZ9cKlfM
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.51 KB
|
|
MD5
|
adb8cf37f3248dd0e554cf410f615125
|
|
SHA1
|
18b6258e0f8d406ce21ad082e49f5c9d3896d64d
|
|
SHA256
|
4baaca5cc7ad32dae273384b55479bf2f00b92b546a5ee4d499f89121bfd3fd1
|
|
SSDeep
|
192:D0JSD9BBTAcV2BhrDhqGjWDrac+2nTMamrnY0pk3TPKFU0Y77Y:DvD9BRAlBhpq+W/acJnAakYak3AIY
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
890 bytes
|
|
MD5
|
586252360bf71c295582d416994cfc9f
|
|
SHA1
|
19a20a4c11243cb1525707dc989f4c093b17a160
|
|
SHA256
|
29e4e9aec6a29481ad49b4a6fc859ed0dd29f4c1fd655b7195bde862a50025bc
|
|
SSDeep
|
24:NMCm5A8ij3nDlGk9wtuPpn5SkwKA8FRNuMXQe26ZYct1npXv17q:Nr7XDlx2ts5c8/N4e26ZYct15tu
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.85 KB
|
|
MD5
|
af8c0911cd2fd67cec904cd43a02cda7
|
|
SHA1
|
92453865945ed1a4dda24008ae2f067c49b08426
|
|
SHA256
|
39895dffd09585ff4bbf5591fb6c8d0c855b0d7091587fbce1c4b93d7d985b27
|
|
SSDeep
|
48:TBB8ijOHPiB58eEdYQwQZ2egBIq3A5iL+F5oNqCb52ODlyO/SYlA0U66ZYct15ts:TzMM5zQYQfAL+ULg5oNqa2s2j0ziPzs
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
853.75 KB
|
|
MD5
|
1bd41a287458fb067ecd4f355bf9ff0b
|
|
SHA1
|
d860fbe3a3b3c253939f6cd7568ef6efd1ea4687
|
|
SHA256
|
057eebd533106ee0a3f3664562a0f883a526ef9bfec5fd1ae8427731f1be76a5
|
|
SSDeep
|
24576:VLTWHsyUFDOs2uBvS23d9HfpN3tpRjlx3L:pTWHLtsKalH9/L
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.13 MB
|
|
MD5
|
937f682e494440dfc42d28a6f63b8665
|
|
SHA1
|
f47c764abe08076c484f13fcb43a27bfc55f4dfb
|
|
SHA256
|
3319eec67b9a3a6cf266e7867227466c9970c12ab6d56213dfa5b3dc3144bf59
|
|
SSDeep
|
24576:lFrI7tmPr49kBOVJR00j1Gg4Y5BumegcA5n38:HrI7tmP09k4J3j5Bagcs8
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
378 bytes
|
|
MD5
|
8d7f63c19f16b659b917ddcdd4bfda31
|
|
SHA1
|
1a9dd3a0732e0a35728f1913e582d54f46bfb2d7
|
|
SHA256
|
da6223830802dc2674ccbed48f65a62f248bb5b19269ef29dd155cbc52a88b38
|
|
SSDeep
|
6:OrSGvIosvar/UwF8hwDH4ts6WCVf1EY6xXssL18Xx3Bgt1PZhj+UHXv1UaSY6t:kQPvarcBcHgHf6xXz8Bmt1PZhj+YXv1u
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.94 MB
|
|
MD5
|
2fb10a322517f7cbfb3a6cfe3f7ec571
|
|
SHA1
|
f50dbea0bf05e4a4f73abb265fef52fa43db4e07
|
|
SHA256
|
5ef870f132dab830dd5380a5f66f2db9ead790ee6610fc191c638c2aecd616a4
|
|
SSDeep
|
196608:6a8A7fKP0ReD0wXKLUEfRrDXP2ifogB2jHcSBLWiyvyWJRMLhdPWfi:6aRDKP0q0wM9JrL2ifJcjhW/6vL3Ai
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.14 MB
|
|
MD5
|
7aadc13a6b340d0912fca34efb6e278d
|
|
SHA1
|
a682707d004389bbe464f98b5c395f52209a95ba
|
|
SHA256
|
44395073c9d5232ad1a87635cfc1e88fff1283388a6708a7114d18b7b99c14a9
|
|
SSDeep
|
49152:zDxL8QBo0Tex4S120ytJylfySe+Z7j9uBL:zR89t1tfyP+B8p
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.14 MB
|
|
MD5
|
45492979471c5633e724edf45a13a25f
|
|
SHA1
|
d6fe5b982ff04cae2cd67222725414e13e126801
|
|
SHA256
|
eb71ecd973e5e29f8f11cc27c44a4211d9c2708bedbb013a924f99e44179f9e3
|
|
SSDeep
|
49152:zDxL8QBo6Tex4S120ytJy/2XvJm+xdUkxp:zR89j1H0Jm+3UWp
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
67.85 MB
|
|
MD5
|
6b078cbccbab0d5edeaa1d85f11ba58a
|
|
SHA1
|
66820f091ea72f244d2d2019748cbda0b7b9702d
|
|
SHA256
|
7597007b7fd82fa6fc079ad255cc80561c20be4bc515df7968b4b0e377292774
|
|
SSDeep
|
196608:H4KKCX5FvaeoDcBdxmOJR7nxOKOmE7dzaNQwr:H4KKCX5FvaVczxmUJnYSE7dzAT
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.15 MB
|
|
MD5
|
785e8140291b81280ac12f751e0df5ba
|
|
SHA1
|
c4e9978480fc51ce20e6201ddfd68fb6fbf50e8a
|
|
SHA256
|
3abb5ee62379091c6d863b85c86479f535bb423930f7bf394c232aa5c9927eea
|
|
SSDeep
|
49152:zDxL8QBonTex4S120ytJyYBz4Jm8/3gCK5ROA:zR89K1gBwm8/QCcROA
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
10.25 MB
|
|
MD5
|
8155df203e443289142ae468f16d008b
|
|
SHA1
|
00849e3e56fb221b6182ecae2adb2a864d5127cc
|
|
SHA256
|
b8a854cc20be2cb52a3b3678ba7b7a244af26e20eaf520736275011b39d711df
|
|
SSDeep
|
196608:aPUvTYpH9RBl/tus7o4L7tZiTnp/jE4U/bxlLRx+A7p:MUvTiNhU4L7tZiTnprP0txRsA7p
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
14.88 MB
|
|
MD5
|
0132354deb06c352353675fce278a129
|
|
SHA1
|
82f447263c0d4d83d398af15034413083edcbc35
|
|
SHA256
|
8e5451128ff68d309300dd54c2a3bb83f196e6fefb39f1e8d6b7c24b8a6f7307
|
|
SSDeep
|
196608:TIwm3nNVAl+ig71eZ8FclBElWHEbyLbyo9crpLlR8ioLO0ZF9CrpbQ:OL71eiFge/GHyo2rpLkcoCrpbQ
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.48 MB
|
|
MD5
|
334521165f640d407e1beee71dd34595
|
|
SHA1
|
0ac7540455967328df5ce20ff64edde89d48ad30
|
|
SHA256
|
2ab6bf1c2038a99ab3775d2f3dd27b54feff04de34672a63bb69d369ec1ac6ec
|
|
SSDeep
|
49152:fHYLL/WoWLljb1R6rOSN20yRJ6XD5JN8mswRlcjt:fqLVW6vXnNhRlm
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.35 MB
|
|
MD5
|
5ac3b2f823590cead6e0b6be5d7e60a0
|
|
SHA1
|
2947961c5695a34af5c6d1ffb5e8daac2395e471
|
|
SHA256
|
270fd42d0d7f4f7e56ec37f0d625e9493ebf2a7ef22166dbf84fc4746f15e5f8
|
|
SSDeep
|
49152:R0opH/cgHa3HRxz+4gDTqeLGT1uhjMF9Uygt:R0op1Har+oeLiXgVt
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
42.53 MB
|
|
MD5
|
4fb6c079967f604d4b8cdf477caf6de0
|
|
SHA1
|
a8777ca0e49e5d98d01a6b007c7b62b5dffb5b63
|
|
SHA256
|
9fac05c1ffc4b8060b0a5b942d35cc90c0bff012af1a00a6712c6d03018b083f
|
|
SSDeep
|
196608:MaurJM4k8IMj3kMxfGbWaxJMKMA4JxuiNQG3A2r7rfiSFhysD8uxDxKj:EOn8IQkM2BFEx96G3AUf7FnzKj
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.16 MB
|
|
MD5
|
5e9f8d7188f17b96a1befd8cbe72ffc4
|
|
SHA1
|
163447ac97d0490e78f705ab02f2f58d5483958f
|
|
SHA256
|
5ecf9762f13699281a970f0f6f34043105ee02eb58fd9c8750e211714a2e4912
|
|
SSDeep
|
49152:zDxL8QBoSTex4S120ytJy2nTH7k5Fjp7T6lHdAa:zR89r1Mw9v2Ht
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
11.70 MB
|
|
MD5
|
052b4a3aaf24e1879297e0f1408c7662
|
|
SHA1
|
ccf2d2087988828f8117c27f1ec3ccaf4b5b926d
|
|
SHA256
|
6c23fd16b44e1eefdf52ac7ad99a1fc46a9b4b3e77c6643dd26d1ad79a2d1021
|
|
SSDeep
|
196608:Vf1gRyjQR9g8YYIcjfXontQdQGzFZaGkGdN7p06H1JX/WanfW/OIV0h:V1WbR9YY5AJGBZWGRz1kaza0h
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
13.76 MB
|
|
MD5
|
42ac6eff5aa1dad153cb32ec3d616e43
|
|
SHA1
|
8d8693b1d4aa27f2f48345e6f2e760c5f205d163
|
|
SHA256
|
b8984acb419b90aab0f7fd9addaa90b10847e75aeaabfde74fc133085adf3455
|
|
SSDeep
|
196608:Yu6eDsIwHBL4B9lCzT2bOgcDuihGYrLpVUBJ/7HAFGtNy6aMhnRTU+:WqsIwHNB26gVE7e/7JNMM5RTU+
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
20.84 MB
|
|
MD5
|
3d0e1f18676626331ffefafe53b18248
|
|
SHA1
|
80d370bf723a4b00b769c1a7266d63de82280ab0
|
|
SHA256
|
9ceac29cec7a9772266c3c6ed68bc7f25dcb38c12c388fe9f21e58890e9cf26f
|
|
SSDeep
|
196608:PFNUxdiOm1j3/abCsYwFOSQo2pWDOQs4hW6s63HS:qPmN3/abtYIQoROQ93RS
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.54 MB
|
|
MD5
|
d0ade2e82969acb3dd0b87d087409f18
|
|
SHA1
|
99ff4724126745d919c19a50b14e43483ff168e6
|
|
SHA256
|
69ce3ff5b9b3f377d0c0cb19be8b0b659df02bceecb76986a2c774fca1baa61c
|
|
SSDeep
|
98304:zDMUwxyODPFhbY12HLodiF4+5risZukJQO9m+:z4UwVthio4UVQOn
|
