Remarks
This is a filtered view
This list contains only the embedded files, downloaded files, and dropped files
There are no files for this filter
There are no files in this analysis
|
Filename
|
Category
|
Type
|
Severity
|
Actions
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
64.25 KB
|
|
MD5
|
9dbfe50306aa9d097e62944f2637b0af
|
|
SHA1
|
f15fdccf946affd775327993ca1af22fa1f3c09f
|
|
SHA256
|
9b662fe61b5553f0bd422e74b90d279c9ca71d0e9d7f3552ebef2d88be160633
|
|
SSDeep
|
1536:UvbKGgGOM1p1s77fvGVW21KL8HS5uTrLxqckYd6nvv:UvbKnofs3XGkrYHuKrVqc3knvv
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.25 KB
|
|
MD5
|
a459efc857dc5a866ab4efc233924aeb
|
|
SHA1
|
d0d1c31fa1678e3404c2ea08fec71c07f4a5793b
|
|
SHA256
|
eaecf9ba846d6111a06028f0bbbe6bd0bbc8b62107fa97b4b1922d8059b3cf21
|
|
SSDeep
|
192:3t/oWudFqXmWD5qOOsTGYAslRmPHFib0OZzUTL3R4P:9/ZudUXm0GsTpAsoHkb0OZATL3K
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
08016938403599ad0dc5ae20b36be58c
|
|
SHA1
|
19cca646e8440ce41c8cb1f8a11b821af647b85c
|
|
SHA256
|
f35c41e231d177c98c9ee0fc24835462a8501d6a0d8deb13fec042f189f17f1e
|
|
SSDeep
|
24:Bd8K/LrrscfC/KXZlFpp8nBp0DPc/WYkUIEoH5l6NDN2Z2rrAqs4HFAYtee43PtX:BN/Ac2KXZzpNU/Xpo8DNCoAB4H3teem
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.07 KB
|
|
MD5
|
400973249521dde496634a15b94670b6
|
|
SHA1
|
64bcfc075d78c9593da52468c334254de1a7b826
|
|
SHA256
|
0fe56fb44060303f765759ed42aadd70e1e83fed15cdfc39eccc539c54ae6f14
|
|
SSDeep
|
48:RLdOgH+GLhQNbh4r9ocVdN8AT+UcygiYtYDYEwQAgc:NAgH+Kabh4r9/V7qFPtYDAx
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.80 KB
|
|
MD5
|
5d030fba14d6dc2878aecde1d0f3c4b9
|
|
SHA1
|
9a0fe182a7ebcea77c35310c0045b76ed9b26afe
|
|
SHA256
|
a0a3716d5e973b33734cb0ee224773a86524a261dbbc66b0b059335a079357a5
|
|
SSDeep
|
48:DcUbtSrePOEuW+ssChyMvteFY5JyUfavTsARdmfAs:oo9OEuW+FayMvteFwPuTsEdmfAs
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.36 KB
|
|
MD5
|
35f115635f46db16a57885cdfe20fdde
|
|
SHA1
|
8d12c841ce1704d6cbaee557bfa4f81d28151c08
|
|
SHA256
|
e12ccd202c3fb0953396980d3bdd4c743b6acdd5356b220a2e23c04af8e9f569
|
|
SSDeep
|
48:3/EFQ+KfaS2WuUq+YBtfUFbXoFvtl9MLYzy172QW1n1BztynNwTam99Gz/EDXWqN:8FQ+KmhU9sXyLhc1BBUxmjnDz8w1w7TU
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/zlib
|
|
File Size
|
4.33 KB
|
|
MD5
|
e30f83460e480c5d8dcd8f1a02d9514d
|
|
SHA1
|
dd839397dfa9bd12951baabceb30567147aeb4e0
|
|
SHA256
|
133d3666f91d179b2393f7c91509a8bba65504d94ee90c05b9443d94a4341d89
|
|
SSDeep
|
96:KAJnsZJb9nbOv48IUHP5R8IRjskjjIG2fj4JC92sMaIELB7eqAk:KinsRb1UHxWIRjskj8Gw72ELz9
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.60 KB
|
|
MD5
|
0d46538fa76fa2b9b5adf6da78721a00
|
|
SHA1
|
ab0857a3170a2d8e4528ffc58fb234388f78e3b6
|
|
SHA256
|
73b477274b9c80529ba86d9b7a14d65f70b7c6e49e9ebd604445915df11a5262
|
|
SSDeep
|
48:krNfukgyagqqpi6gZF06f7vkB3yDV2uYsCk468ykWcd8NyoaA64:uNzjaP06fTs6V2uYsHcdmybA/
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.76 KB
|
|
MD5
|
80a9783d8d56558c84518bad9662597f
|
|
SHA1
|
21846cf83f8d7557d479b389e7fe17ca880eba0e
|
|
SHA256
|
f594b5b5f3c1b82a7577e4542c8b9b6e8846ec491e01b217a2e4b27dd2858c9e
|
|
SSDeep
|
24:xuQn4CPOAEsEPAnP0FgfgApSfrh2l2gAznIIeY7MO2Bqh1YB0KRQEpIxgBeeAPtp:x+kzELAP0FgfgAf2gALIzuGFQApeeQ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.55 KB
|
|
MD5
|
a654d08b046d8ea92e4ca952af5fef28
|
|
SHA1
|
fed651944984d3accfc4cf580cce826478f04d78
|
|
SHA256
|
90829112e3a6ee9efbd6f49909675942c1e9ed03374fa7e6d1bfb07fd36cf292
|
|
SSDeep
|
48:oXvjDAkeORgbGNxoHAj4ioG7WAOvovahAN:o/3YOrkHAj4RG75aoihk
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
c4ee2f7ee954d947d090b10cf1ca3552
|
|
SHA1
|
b72dc1bc2be743128e69736b85050c65ebeeaa02
|
|
SHA256
|
3aaca48566bdf49a73d9cf60976d5eaf7136a0bdb3476efc758dfade76db9217
|
|
SSDeep
|
48:S9Nzo72AFU77H7OJ7h1oXl6hWTn0JQEN6:ao9O7S7DoXoG0p6
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
cf93416bc7d2d1b98bdbeddae739ca72
|
|
SHA1
|
44401d5addf46ca1a04c9609498c70b156019fbf
|
|
SHA256
|
c2f07311f5ca20c0cebb9e77652560805733854b70f56d17028086836742db46
|
|
SSDeep
|
48:H5HLQLAtXMlWZrlWnr8/4iT5Jt5AQyq5etEYeehE:ZHglWZrlWr095j5AQ0tEyhE
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.03 KB
|
|
MD5
|
d0d37da11dd7e6bb64666c46c4f57a45
|
|
SHA1
|
4fdf29e14dd9f482f492c63a8b9e91cf1b5a803f
|
|
SHA256
|
8d28cbba53142a056d58682714beb6ad3774a175222b074af6dd3ab1bea91f18
|
|
SSDeep
|
24:d2Pc2Bsn9zRcs2N/rW2aoVKu/WFnoRvJ1xJwWqxPFCPtAd6v:d227w/aZKKYWgx9qpFu
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.97 KB
|
|
MD5
|
aee3eb2b8ebc88529a397cb37c47d365
|
|
SHA1
|
390e89a7da3460ff57416ee795c896716b52f94c
|
|
SHA256
|
d5c7a4c2c06959539c0185bfe99645ba2b48f1a81d19178abb8854bc7cae7203
|
|
SSDeep
|
96:1GQt6312gNWkV8GpZUXWsVg2/HdleYmG2gpI80iyv9mP/erfvaT8hP/XpR57ti+K:1G7F2gNWIZUmI/HWu2wI8/tcvpttl+8I
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.60 KB
|
|
MD5
|
32106bce60e61b66d26cb340a7d629ca
|
|
SHA1
|
7582ecac8d90378a4242a42a5e730cca0bc5943b
|
|
SHA256
|
82a7fa18156a12418ecd06dfe80b3294610b1f23c4d755c64dd4dc3a374d1a1a
|
|
SSDeep
|
24:8Xi53laj2Cbmb+7XcqPqP1SkjboXY/hoajBJhLFg55WCuUm+tuYha4k2leeuB8PF:8+lW2CK+QboXY/51sITOh71eenl
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.99 KB
|
|
MD5
|
a806f1bf1994e1362ef9035e3d9572ec
|
|
SHA1
|
4064650a2a54c1fc3dcf338924c66b822d159a73
|
|
SHA256
|
393cba6fa16fb15db877db8598400300cbe30f3a4e417ebd3df4a9ec188a8485
|
|
SSDeep
|
48:2AbRLvX1uX/bk015h9MUvEJ3V/lK2zJLqCveecl:BlvXsX/n/uPFNztqCXcl
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.44 KB
|
|
MD5
|
1347313d850fe6ca4ae0ea91b4b3e1a2
|
|
SHA1
|
2f270ee54237deda20834e97773f7f09c3adf709
|
|
SHA256
|
dadb7dd90239bb450be15a394ba72b15c21e0b2c2766490f0216dc685fd5d139
|
|
SSDeep
|
24:rnVD86ytw7xGMaT4gPVPDTi11QSHY4Dgjvm+RCPTFZ2UveeEuPtAd6vl:rVD86ytGDIfNPDTaQS4VxCPTFZ2Uvee9
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.04 KB
|
|
MD5
|
234c24d58d7b89a73ba907534c5c8956
|
|
SHA1
|
4156f4e32126f22ac3bd61b3bec3033c44e6ebc1
|
|
SHA256
|
471dff376f5c48c9ffae788556d682b7a2163fd88fca2fd1a4db84ceca83ddaf
|
|
SSDeep
|
48:cGj2iDysicVHMdupg/KaE2VBUn/NkinGutx1mMb9QaIfAU+:cmDOcVsCiU1BvtriHfAZ
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.33 KB
|
|
MD5
|
e3783d28659eaf75d0be051e0d7a8159
|
|
SHA1
|
55c2d077f7d4386b3a547d347d2e431239f51168
|
|
SHA256
|
53d59901ec43603d5f5b8db58eec487bf6022d96a593f6c1a3de534e2417916f
|
|
SSDeep
|
96:S+DUWmRKc/rfv0beIbLrK/lhqI7c2es+bllhPSLL8p4EuzYrW4dyaRGhaGToyuL8:SzWh0TseIbicv/bFP0L8p45Y0a7ioTS3
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.47 KB
|
|
MD5
|
61580b366b24b1c3d46f8e3df5c721ef
|
|
SHA1
|
bb2a7d60300cc9f3c0058831a164af2ae24c48a7
|
|
SHA256
|
50a85f46b0a7cd51b35da1eca191c68b9bfdb41eafe1f9be91954249c5e257d5
|
|
SSDeep
|
48:yI4gkiQlc74mJMSUYCqNd/i08XFIlFgxhrGRKAF:yIzpaJYCqN80WkFgxhrGgAF
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.81 KB
|
|
MD5
|
2d3c4d8aebc04747b6f743ffe3416b5b
|
|
SHA1
|
9c612a6aa2e98cc1c85b9a953caabeeebb8d8314
|
|
SHA256
|
c186408f980d0f5a5deb83cfcc4e35f643b9ec58afb12cc20ed12f00299a83a8
|
|
SSDeep
|
48:0fSeizH59A4ed7ToEOdWvxNiRtQlYSSxUBqNFeen2:0KdH5ed7ToEOdWJQtqkjn2
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
97cc6bb89e95728d983ee6367fe53842
|
|
SHA1
|
c2340c06f470b5c41d85c7e36fc59e448655a863
|
|
SHA256
|
036db55894e4a94d8cb05678c9e7d11e7a08a999f4615cd62187c598b6ed16b1
|
|
SSDeep
|
48:9yXRlsiuyllW91Fxp1HTDJUrgZ7MunjI9bVUGU:9CHsiHjW91rnzVnjI9byGU
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.54 KB
|
|
MD5
|
6bdf293cc4187fbdcd3da02425a2aff2
|
|
SHA1
|
3170e47164b27a4408e2b690ffe5a26b26e416e9
|
|
SHA256
|
d6f4fbb49affd40f1cad2eb4c7d552a1d0669b09b4d91c3ed518dfb3504771eb
|
|
SSDeep
|
48:tXoZ9d6rBr7vwt0iV9nx9maWqkf4A5oPWU4GybkXfzAU:tU2N3vi59Pns4A5oeU4N4vzAU
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.51 KB
|
|
MD5
|
e7dec5649eca99fd0e7f754e6acc355f
|
|
SHA1
|
2543db237fd3760c02604111d04d130aee9e6128
|
|
SHA256
|
fb1d1888ac0652b2818a854eb508f09368785dc4001679428aa7cc555aa57a67
|
|
SSDeep
|
192:FyAGtQoX8lCOTK8hNYXUKCnONrG8A1tfxwkSOgIIx6scmtJtmWpfWgmgVRnnr:0AsX8lCOTK8DeMnHlSOgrvDJtR8gVRnr
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.14 KB
|
|
MD5
|
0bd7bab526c943f8cb790cefdb1b7ed3
|
|
SHA1
|
f713150c5de60a52907529b79922b9401ff35800
|
|
SHA256
|
aab5f35967e8c3bf7da5df00022765455134769dc65bcb578e084590ff9925cb
|
|
SSDeep
|
24:gKJuU3jnPxUMu7E5tNYwBlZ5EG4hIw8zdobhqDFnlr1m8PeeMPtAd6Z:VJuULPxbuK20lZPYIvdok1l1m8PeeW
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.65 KB
|
|
MD5
|
186379ab52cc26a229ab4c989e0e6d3d
|
|
SHA1
|
4dfa1c7860a4e096fe77f25e6e78d5071f3a5162
|
|
SHA256
|
6fbf5a0c7a340a72244d1a2f0a7de319bce3952368184ded6ae516260631c24f
|
|
SSDeep
|
48:czgL1vBY6/a+izTvpp843qd86ZkE2kAZ/0gAM:S81JYIBAp8xd5ZkE2zRZAM
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.18 KB
|
|
MD5
|
af81b57696d56035c7cfd04a0f2098b6
|
|
SHA1
|
72091622bd60e10d91dfefeb92351ce8b712279d
|
|
SHA256
|
e9b0f590e39bf0206b7c83d28a8b7adf706d8c69020ca3bb3c14b611d8d5cbe9
|
|
SSDeep
|
48:djmXTJO6FxaS/syEz2PGOGvMA2HJOn0eL7QXML17y9KAG:pmVOv4syuAGAE0UQcB7HAG
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.67 KB
|
|
MD5
|
0a8bc623938f5ec00ca5ab2f67c40064
|
|
SHA1
|
e7cf803a2923278baa830c9a2de0536038bcc156
|
|
SHA256
|
262c8242ebe68961f6c1194f6ea4a9b2de87eb22191994ccefd2fe9572cc67a6
|
|
SSDeep
|
96:75OKhTr3sZabcFvpG5dKuheMWo4DfaOR6X1ilmO6UJ4pYOXB8jCAwPhb49:QKhX3a7M5YCeMWo4DfyX1ilM0CYOuWZa
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.07 KB
|
|
MD5
|
a9198467b647899c441b37c67cb2b6bf
|
|
SHA1
|
119834a913d0132b2a9c54e1297fb480d2d220a6
|
|
SHA256
|
4ff05ec67bf38553479bae5fb70fd281475aaa4004039c103dad7d120bc4c5d8
|
|
SSDeep
|
48:1EC4hfp/jDJLtJ7UvpIfkK7hGWYUszr+b4cS28WCxA5D:1EC4VJXJ3ssY5rg4cv1wA5D
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
edcf3eb07200b1190b678e6c9669ca66
|
|
SHA1
|
2d68cc2505fc81bb8cc0a0cbd18818caa14243cf
|
|
SHA256
|
bfae270284df3da8b71b452efbaba9c222c3d13b705a17b5599c1136865ebdda
|
|
SSDeep
|
24:HHPXJi9cns7KcK54a/bC4pp937XQg9Lm2mNS24upPtAd6n:HH/acY/KmaTrv7XQgpKS24ut
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
65.85 KB
|
|
MD5
|
5baa16ea7a784f23b1c0e9bba4821572
|
|
SHA1
|
8c84d7b47016c5530d6cc01293b449e1b898bc8e
|
|
SHA256
|
24736a82af0c1c16460d40ce251f5f887290302a7e2797f5bce7d3e18b3c1b13
|
|
SSDeep
|
1536:qGGBlRtpFOL+pPtYo/BkdhDb34y2p4TadupJn6cZwQK6:n+nqylfBkdhDr4ya4Wd6Jn6cE6
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.37 KB
|
|
MD5
|
3e4c733a7d893b4b4785009b40072c37
|
|
SHA1
|
9b20d0c05b5775348608ad334c1d6f99c1d4e24a
|
|
SHA256
|
407c7c4b18e2efb7aec13e2a0b0d5dbf1f73610073cf49369ddee900c582d781
|
|
SSDeep
|
192:VFKdWrviMoy0fjWpZxZno9ZgQGTUnGDbq5UrgwwJ0tzqJYxf8s9jZ7:V0UbiXHSpZxZaGQGTjDbq5URwJaEs9V7
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
9a1811d4cef1d153e46622873bca7987
|
|
SHA1
|
3386f4f0df412bccd21a7d6e88fb45e33bc2824b
|
|
SHA256
|
bb05dc7b3f9c860aed83f9576638b436bed0d7335c32d03c2f2aa79e6f800212
|
|
SSDeep
|
48:O0cDceeFb7tnV27mywEejXj8XuXurExWcaH67fYeeQbK:5co5H2m9DjwuXR4caHIyQm
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.56 KB
|
|
MD5
|
299daca30183f4279a3f805577f112b3
|
|
SHA1
|
346e0d2c4561d7d4530b3c14061b7f159b8ca281
|
|
SHA256
|
1240c115f1c2595f5b9bccdad3d6626437e344d7f0552523d47e1f1e1360e42f
|
|
SSDeep
|
48:UcM3jNfH6fEhfNwHfzNwJPG4DAGzvWsl6xNeev4C:UlXhf2zcPzAov5l6bgC
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
582.61 KB
|
|
MD5
|
db1eeabaea561f353aff6546e74b1b66
|
|
SHA1
|
fe18ea304e9de7cf4b1f24b74a64baef9bf9ac9b
|
|
SHA256
|
09c47e9327138495910ed68183149ee34e06be05c8d0eecb16c6061ed00844b7
|
|
SSDeep
|
12288:2dl52sOFiQ2diQbxgiE7X0GvB6QYPVIMUgyx+DQuEKQuLU+hEskiyd:2dlQs+oiQlg57X0A6FYgy2LQuLU+eTik
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
582.61 KB
|
|
MD5
|
ff6367752d244d3627e92774c174ff48
|
|
SHA1
|
5f13d72bd95476eac32fa49c78489417764708c0
|
|
SHA256
|
fcb379eaa091308e94c6c50f0b45fcd217023a590b39d029ecb7757b3bdf2846
|
|
SSDeep
|
12288:K+gQgGaYzl0YmIKwMfpHm/9lxMDMiMzZDkEs9PbKDk9GBQ65m:K+1gUzldKLfpomMzZ4E0zKDk9GC65m
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
26.79 KB
|
|
MD5
|
1d7e3a41ec9ac94f6e1828657a0ebd04
|
|
SHA1
|
8b0bb38fc3a25676f6569f9c16be1454d9fd5b9f
|
|
SHA256
|
4cb24249cc38e7cc2cfa42b51b81fda147c96a72d13b9522dbe25625acc7ea12
|
|
SSDeep
|
768:9wULcR52R4WIpjXa49LI7pQZy5H7nUMTX8hp7YoIa/hk2B7FG:9HL4Au1a6iQZyNUMTSrIOhk2BRG
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
6b5aa4f56be143ce71ef1db2f451ce02
|
|
SHA1
|
e2eec7b51b110299bf9b89f8e054e6cbbc34a03d
|
|
SHA256
|
4080586078d409fe8c560b33c51e433eb8d10291d40d0d81f5712dd22c7f9287
|
|
SSDeep
|
24:9aWbQe30O+bsoGS+9NQDRBVDLYtZEWS24w4PtAd6n:+DALNKR/LYi24p
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
30.60 KB
|
|
MD5
|
02421303af0f43a67196115667d8263d
|
|
SHA1
|
4b765b9026ddb1769b3f061e7a88fa68c164014d
|
|
SHA256
|
c8ca9d50528e00d56d87a0e3fe3756878f2edce10eb17d2225b36e67d509fc50
|
|
SSDeep
|
768:c0dUqokaU/Qq4hdVuDNlCvVSUIGXSMrBB8wFjDqJQUBq:c0yHkhI6Zsk3MDPqSUI
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
bf40ceef955c99f8a16c448711eff544
|
|
SHA1
|
5529d99681ecb2190626123e51eef7509c2953d2
|
|
SHA256
|
71232359b697b968a98c64476b7303d44303a441284902ad6993700b44fe23cd
|
|
SSDeep
|
96:Tb73IuYd4GPtJznSt4abPsM/hMxBfGPno86i1yZFzTD515D4y2T:TnVAfFwSabrheBfGw86i1yZt2T
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.51 KB
|
|
MD5
|
d103aad80b079cc70a84f946beb970ca
|
|
SHA1
|
280b9a577a3cf529e6321a766bbd30b64802876f
|
|
SHA256
|
bd32ba6716eae92290cedc2f1e5278199a41ed365137c79cab2f4cfbce2dfe25
|
|
SSDeep
|
192:/0CaiLdlwcRp7m55AkZGH46aC7p5WFhLf:/0LQHwepK55w4J2Qjf
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.52 KB
|
|
MD5
|
0873cdf6d0b05f9de42cf4859e49bf62
|
|
SHA1
|
2c2d8224e288a46bbd1855e10bcbfb2c7ae28275
|
|
SHA256
|
928096f1f2f1284b9c2f8971f22175c24efcc2e3b17e0f4d1be2f028607ba922
|
|
SSDeep
|
384:GSJjdOqfko7Hkn4vN6CE1os5vqxjn5voHYQ315BJwROzaRB3a5n:GSJ5b7Hkn4vUCdQCxj5A4Qlzzqi
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
77db49ac16d7467d99b29e2c9b2ee011
|
|
SHA1
|
a2b6484c1909b24d0031f438742af7cff0bfb139
|
|
SHA256
|
8cd8e97b825062ebe565d5aa1c78c07645ca869126b73f2b5cb3053a935f83f7
|
|
SSDeep
|
96:+Zfy+1wHTxmIMcuf6h2flkL2IVW9Cf6z38IvvT19D02jnEk:KZwH1ucufK2fSLl2Cf6zhXTE21
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
cacdb0dea0b9974cecbb6cc36f6f2277
|
|
SHA1
|
49bbd36e5016ffe4aa56848a6f2d1cee62f6696a
|
|
SHA256
|
e3f2d20848b864270441297128265a87365e2e614edc7e1e47797816e2fcf884
|
|
SSDeep
|
96:L6moUApsXHTNqgIC/T2p/EE39m306AviwsLQsT+7TUTPIEV/:roUAWXuCb2/EGm3NAvXMDPI6
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
20.33 KB
|
|
MD5
|
064cce289b5d7d9c2a8b4500d69acefb
|
|
SHA1
|
73f3267c708c2319d9ca5e0bd206e09251580b51
|
|
SHA256
|
c1fff83cfb2f0794591d50495b1449b4e03672ecb3f4b0099c208cdb4ed89c2f
|
|
SSDeep
|
384:HR+17ILY746j6InLI/dHOjB+HfTUmyPuMxWbKwyjH8gRe0yDSFeV9QhqA:M17IMU6+MK0+HyE2jcn0ejV9Y
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.76 KB
|
|
MD5
|
6dd5b19401b552413a6bd9e18ec67d62
|
|
SHA1
|
434dc5ec1f5903f9267adb43826c306e2935eb3f
|
|
SHA256
|
3cda75862fa29cb32ce1547c6450f544bfd7034dd072dd9c344bf880b3ca0053
|
|
SSDeep
|
192:skRMecaUiazokgmkcGkJcgkGT/75+SYliPxFRoz+ab:skQaRakkgmiGcd2Uv4P9++ab
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
14.94 KB
|
|
MD5
|
581533ed936dfd78a2837e67079bd0ca
|
|
SHA1
|
598e3fab78060cfb87ff52b6662d92a00667321d
|
|
SHA256
|
7efa81afaade0cadb3ed8ca5e922c388f9e748001e8cb4a4b4c8781379e691c5
|
|
SSDeep
|
192:/kBLTI6wUtBxGS+YvCqwW7f6Nut/zovpbhiuArs3sd+g8Mb8FXUVjFzoJtmlG0Lv:2TnwUR+Y6q1U9AsF6boTySMgaakD
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.27 KB
|
|
MD5
|
138d8544ce2cb8cc756cd2fd0b9de47f
|
|
SHA1
|
31de559a61fdd229de88c0623134b94d569218b0
|
|
SHA256
|
dffd383ffe873fd68411ce43d3e41fe552c24ea94c27c33f41a4a896aede2745
|
|
SSDeep
|
24:B+y5Sp15V7tersCtUq2ZvOZ9yLa9i6djPG1pYKWRVTPtAd6z:BbSp1Lte4CtUq2Rq9GuiETkUH
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.88 KB
|
|
MD5
|
e39e44653bb1184d5762ca2b06c75381
|
|
SHA1
|
388446194cc1d77c9188414ac4806ae89ed55336
|
|
SHA256
|
6dc808e003c20ec54029dbf07b1df1a5911b9f68cc7b0a588e75cc9d8b725b34
|
|
SSDeep
|
48:dQhvZ8kY43O7fi1lBytAQVO8FN1xZShaw/dekSH:dQhyk/e7fWlQm+XxZSEH
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.70 KB
|
|
MD5
|
c5111c25273fbda41f72e28c480e0d36
|
|
SHA1
|
59fbd61b747e8febecb5d3448a05acbdd1df790e
|
|
SHA256
|
4233f5b421bf7cca134deb97c0d1e26749971c288ed117b2fa32ea8b27fd1b55
|
|
SSDeep
|
384:Op7LA3LKFllcc5MMvMv15n+MzBzEIU2n6WqZ0hbxRaT1hmzN5DfTrm4Fn:ORLAElac5Ml1H9EfWVjaT1YHfTrmA
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.80 KB
|
|
MD5
|
76b14e31bc20600de22d36edd1136e92
|
|
SHA1
|
203cd17dfdfa8a124f175535f09ce1194d093d7f
|
|
SHA256
|
d15ab656bf86f32002df7e618b425e6a0a9146742c8f9f50e26e85d337f1cc7c
|
|
SSDeep
|
48:dBeo3NkaPvqCqxsT/4nal+0ZbDUfqFypPoCcRc9w+FpgcQeU7+VtbPj6AXL:dUo+aPqcTlZDUfqyhoCcRcjMcQeU7Efd
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.27 KB
|
|
MD5
|
e196ea2f14c41fd8eb968663f7c49b9d
|
|
SHA1
|
36cc20f3d672976f32ac5b90d1432cccef2e0c18
|
|
SHA256
|
7660e77f46bb31ae87dae355d4875b2c54eabd755b08b87da5c41ebced92250e
|
|
SSDeep
|
24:ObgK4/0FOWpy7VPKAnA86MMFPGl6kyn/qMCz5Bl4qnIEye6cIUMSgj34HPtAd6z:OkK4/kOWuKYhMBG4nSMCz5bnIE6HUMPG
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.56 KB
|
|
MD5
|
b05916ae22bd6300536a52a8a5d5fc00
|
|
SHA1
|
0111048f9818b279b03fbfeaa783bb83c8b91ad6
|
|
SHA256
|
6404a7334d2436eaafa7a96e3ac36365f75afd3d634de31e7be2462b43b49da2
|
|
SSDeep
|
24:JN5f8adN+EYn5rYPxkWGZJPLNDkes+MqWob6xVnWPkpQmXhOndirc+M+Y65WSP45:J7f5k5rYPxktVK+rWomG2XhOq7DPq
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.13 KB
|
|
MD5
|
15a527da4b272c830b4b9c9918ed6dd2
|
|
SHA1
|
799fc34a215450e90944264518c93eba2d7b62db
|
|
SHA256
|
4cab675ee56bafa2204f57783998de44820e0cc072d089212962480be0664fec
|
|
SSDeep
|
48:wUaIWV2i9R1gyM0ZCsvsGDoMcSMycJdl8EsL9RK0IvxSjFJzVB2:FWV2RyMaCsrxcJdlo/KhvWU
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
d490f5cabfcdc4b8c164320f3d15ee90
|
|
SHA1
|
fc0e42527f1cd527ab2025f53c839381d94f576f
|
|
SHA256
|
8b79e183b2bb4289b13eb7d6e14457f167edc7eb985ecfbc87088d29a0d981b8
|
|
SSDeep
|
24:J36WJ9iSUwztY6qVble3gWTEjs/JiQmcwzipWS2YJPtAd6n:JKavjztY6AKgWIo/ScwzK2YN
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.76 KB
|
|
MD5
|
e3a5d14afa66b79bd250f5c88985951b
|
|
SHA1
|
293cddbd714fc4c88e2b9f1082a256e00ef4277c
|
|
SHA256
|
8bd788f5703a887b36c896cab4052a477d840e7a88f05a1b8a77a4ff6203edc5
|
|
SSDeep
|
24:S2tGbs31IeNuNy93WOrvg6RVpGBJFZXTmZ2Y/dOianvs69er+n37aX9EDwBIPetP:S2t33XNI2vD/UVNTmREl9Q+n37y9EVPg
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.47 KB
|
|
MD5
|
ffbf26f80825592414d396664c712b82
|
|
SHA1
|
39b0b85e5b476650295045d20cb6b8f608d4193a
|
|
SHA256
|
7993718c40c158cf4558dad5a49a3b975c93117e666503835e0d3ec173b2dcb5
|
|
SSDeep
|
48:6doZMWEtnkyV2rmuuApSL9DixWfbWS4wCRuGCLT0MN5QyfZgGN398qA0AL:6dBWkl2r5SL1jqS4wV0Mkw/3mH0AL
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.80 KB
|
|
MD5
|
18b69e945eaacfc63b9c9bcfec9aa700
|
|
SHA1
|
b4172982050c8367bbe5c48081774358227f8c1e
|
|
SHA256
|
724ed906eaf2afdb9df2e41a3dd54cfd99e94c158024e11b32f542d88df7313d
|
|
SSDeep
|
48:3PupLOGbd5NhRIo4yvMmFK0Cmtq0CeILQR46JIMwLtW0b/4oWi9AT:WpSK3NhRIo4j8tVCeILQd6tWkWi9AT
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.44 KB
|
|
MD5
|
6e0ab1229524d2c4a299f39a4c9ae693
|
|
SHA1
|
77a9842dc508fbb9a1caad061b32dcbba37dcdf3
|
|
SHA256
|
278b33024dcefd308233dfb11b983b5a6bfb49474153e501e795a5d5565e4463
|
|
SSDeep
|
24:JKzXAlngCCFFHdzOqhCUkyrtHgWVCzovMIJD2TaRhjPRWPtAd6vl:JKX8nU31hCUkyRV5tDttPil
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.04 KB
|
|
MD5
|
f1506a113d78eccd014978e31c853ae2
|
|
SHA1
|
f8b867e6293c357d341d559f00cdd0a11a04c279
|
|
SHA256
|
6007d08f93efadf25faa647eb3c538a958fd396d2972228000b615b80a0d16be
|
|
SSDeep
|
48:LDzdjzP5KmgV3HtMMvfdEVUJ/YdgkBM5xec4PRKR6LR3GAE:LVPP5Km4vfqQQK/ecD6LR2AE
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
582.61 KB
|
|
MD5
|
cf19955b3f99192001e18a9052ff2050
|
|
SHA1
|
695a1c27abe4cb202f0de5ddac0780c937aa0c53
|
|
SHA256
|
6f99c6d3cba2ed689c767f06fed08546095e53fe71c5d8c0f63199afd45c004c
|
|
SSDeep
|
12288:t4bSd8PO56Xzagbv6i3pPN9+YtIlYsxhnzgsf1/qGV/LwbX0omodDhf3DSh:ebZOwX7bSsNgfYsjnz1fhUbXyADNTG
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.67 KB
|
|
MD5
|
26176b2f8b8c802e5beec1747dcb65e2
|
|
SHA1
|
79962087b53371d74d2d4f93fbff3f7895a36c3e
|
|
SHA256
|
f9bda5ee76c163e0fd0b334cc95050904fd2dc3f06b7fd81d201d4cedbdd2b2c
|
|
SSDeep
|
96:idPHzUi49P+0YraXOGkEdjem0YRv0MMfAA4uYCTJKq/pkEvfyaefkAxKx8XuzjYj:2fzUiC20YeOG/Bv0BfAAjY68qjvaDcAF
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.05 KB
|
|
MD5
|
87429e871d942f6d2f650da3634f6888
|
|
SHA1
|
e7496829ff6b02acdf3da29fae7f21891cd2dc1e
|
|
SHA256
|
a05d1ef8c44210b912db3fd620f3b229abfca6e6cfffe513d0c29bbb45d7fcd0
|
|
SSDeep
|
24:WWDnIt2OJNS4yM3anNESYomIq9TRKq5AL1pKXRCsnKqwmXGStS2YItPtAd6n:WbsOL3aNES3mr9tK4eMxKqaStS2YE
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
37.04 KB
|
|
MD5
|
1baf680440612efb27014d401c88d299
|
|
SHA1
|
51c1dd509848ad9ad84521f6423eb62f20d7f1e0
|
|
SHA256
|
8e6fbb01a3e6508c39c2c03e9e8f7acb2b5220b9a63e492751b21bec901f2780
|
|
SSDeep
|
768:r9rDtPpvV3h//kVgQFBi87VahLqLBk7XLEg9NfGVo:r1hugQFM87V+4B2pqo
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
26.54 KB
|
|
MD5
|
722bc4dc83c2f17c52e0231b353d4b2b
|
|
SHA1
|
d5f95dc3eb21f0085edb4e18e8dbda04bb94dc25
|
|
SHA256
|
c076b0885b36eca0ef87cccd35d0d58e5d52a2048f98d2f0d7fdaca8e5cec2fd
|
|
SSDeep
|
384:kexgo9Z6SfaRycdLqiLlJIbkQ9SOwNVkraSIFUYxt16+MYm1jYwv/xO:7WoB5coSlJIbgM10Y+MYm11O
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
69.80 KB
|
|
MD5
|
7d79ec93c57044142666f70a1de0c847
|
|
SHA1
|
c77b1dcc4e8c864488666ee7642c439de00fb3f3
|
|
SHA256
|
009500ca8943e1a4451fc19c5f8525cab8dabd2cf3306504527e83e404c93764
|
|
SSDeep
|
1536:ldsNiIltg/gVYCZN/zyWxY9z6aIsUrPqorgzcwVTL:ldsNtnmcN/OQyUMzVn
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
26.79 KB
|
|
MD5
|
030dafb8993a5de65e3fc7a1cb2c1a8a
|
|
SHA1
|
41e90d1dd25617d629a64a2a9a67dafad71f03f7
|
|
SHA256
|
9954ab499385e5162fd2900dd040fd39d56efd4ff38cbeb16ae6aa0f7b0aa6c5
|
|
SSDeep
|
768:pBpvmnxQbvE7DQ5rPCwxqQkn925EBuL8wmOXF3mj2NRi+:zYQz6MRKoqt9yEBnFOV3k2NRi+
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.37 KB
|
|
MD5
|
f969c140d52b6d293a503b0de4d5485b
|
|
SHA1
|
4c1d0b13156d321f8d9176413043f45b84d348e5
|
|
SHA256
|
8964b72136fb61c960e7083299b5bc06bbca2e6bd7777ad92cf33cc863ff71b4
|
|
SSDeep
|
192:GeA1dP+CSJGvFsZ4u0BzxnRaZjNF4HY5VF+Z/79:oZSM5uUzW44vFi9
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.60 KB
|
|
MD5
|
748068e6f0923b0a74e7e6b307840454
|
|
SHA1
|
9adbd2d43c469efe95769cdddb4adc6939f97fb9
|
|
SHA256
|
a9384916fc3c8bee58f4a8d4a404c63883a32ac35dcaef64b058495365d2f65b
|
|
SSDeep
|
24:87DlR7GeZqQM7i78ziSw60Dq/zZioGMxPB/XJTjF6b8lTeZxB0cVmJ164eSk2lPx:e3yeZqb2AxcSwML/ZxRo0cozeS1Prl
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.14 KB
|
|
MD5
|
b975390b5e57f128010f8e56fafdad14
|
|
SHA1
|
df96389d790b3033756b7986c43df253f70340f5
|
|
SHA256
|
23e292f6f57e7afa654931eaa9321405bba34d018c88a3967052e379ff747489
|
|
SSDeep
|
24:ADJZxfGu+ofZXBo98I37QZh+t+Meg+hI2Dy8yPWPtAd6Z:YJOQe98Ibw4mIQyPg
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.65 KB
|
|
MD5
|
217f86f2156d8de12a90acf15858919a
|
|
SHA1
|
1df7541358a4d8d2377d7bf4667effffacbdf865
|
|
SHA256
|
505566b8658887fa1cef47e7e6ec99d17426d5845342ba1b1989dff04f69f423
|
|
SSDeep
|
48:I9D0SSRYwMOFgeHMHHr4DmU4js9LtZ7bs/iK+A+:I9gSSR7ge7m74/7bxK+A+
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.42 KB
|
|
MD5
|
fd1783cffa47deafc87ba423f1d254dd
|
|
SHA1
|
d76624c4ec568692729f1b8f4f56ac11212c2e61
|
|
SHA256
|
43e2f83af8b00a10a315ef1b7eec2e83e3d3eb535abb216099d6c241f2b82ece
|
|
SSDeep
|
96:Y97iUrKYI+bOh0nQUx3a9QZxpa/M8b8fi5a+Om4vEjm:Y9WgKb+bOanQ4q9QZx0E86nv7
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.81 KB
|
|
MD5
|
260f7718b684226ffbf6d0369484b8e9
|
|
SHA1
|
75f081baa36cec529f3782b5d66e06291dabe396
|
|
SHA256
|
109df39ff5a52c31910d1ac3e7cd4b07b964f4f51c1ab12aebfd444113e5c1dd
|
|
SSDeep
|
48:pxBMfsB+eQBpyoL62z7s1h+v/8xGHvS8/3Pi:nBlBcL62Pc+v/Vf/i
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.36 KB
|
|
MD5
|
94c7a03c570a3cfce6a3795d97afb277
|
|
SHA1
|
b88e6cdcadc4afb05d5a4cf31b8c9f361bea88a2
|
|
SHA256
|
6cb71a29ca42d2cb2fcf3078460f29d195be3fff88e76ffdaae47400c2ea3cc5
|
|
SSDeep
|
96:jzqAttgmLcHpcVD8IlPBbxwiN41FMwcsavQzJ:jzltVQJcmmJtfmMwc2
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
4.33 KB
|
|
MD5
|
8270007ca89bd9799fd5b8a72da2233d
|
|
SHA1
|
8548545c1d1626c43b4bcb19c967401e7ac40773
|
|
SHA256
|
d7d6b3c405c8068dfaa78d913e679e451c79ead0890c9c46ae33532bbbd6cff8
|
|
SSDeep
|
96:sNN9NAClbSnghE5Dmgowpklr7JVvx5ASXoyPRMu0Ge/beFPIU5AgI:sbAsmnghETNklr7JVRVhoJ0I
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.54 KB
|
|
MD5
|
81db4df2e6abb2306b1000a7d9a6f466
|
|
SHA1
|
7bfa87e7955632d8a873e466ba688b2dadefabb7
|
|
SHA256
|
beeae9189517d80512e268a9cde233f785a04f4d96c128658cc87bbce5fd7a71
|
|
SSDeep
|
48:/uYNcVLYPFMbAxuvgvindhSR36eGko0sKlp8wUEJplKkBJTQFrAh:908dMExOc8uRHbo07/UelVdQFrAh
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
65.85 KB
|
|
MD5
|
e0f78a275aadd1fe9de03a79d1eb97fd
|
|
SHA1
|
d776e0abb09f82142ca17cdaae57b752df20ffdd
|
|
SHA256
|
1bb8d38774b28e7942bde52e38614456b4bf2f27b70eb3b04a2533acddb0de2e
|
|
SSDeep
|
1536:Lb/mAHruxENUEYsEq+6vycOtaMDhaCSTFSSe8855Gp:nOAHqxGUEBEDtcqS4H5Gp
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.18 KB
|
|
MD5
|
a3ce683d1d04fbc9e48e840d320e0704
|
|
SHA1
|
9d3b592a03bfb3e889841c3a5e3e964c75ef91d6
|
|
SHA256
|
921b79832e32cfe810d95cd3807607a70df80e6518ffa65203dfe7b105c8aea4
|
|
SSDeep
|
48:V5S1c2oqqD2uPgI60sDyPtLkdXAcb7bTBBpw9P1cm68OPorcTfMbAt/:VQqqqyVply1LyXAi1BAOzTkbAt/
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.51 KB
|
|
MD5
|
6a354d9acb3606dd215b9ec82a25f9fc
|
|
SHA1
|
ab799ed2b4d28b0097be41d31e8a50388e0bfd06
|
|
SHA256
|
2fcc00b75f013a58d03d4f8b9276008f839212872ca6e604e18adbfdc0e1d3a2
|
|
SSDeep
|
96:LwpEdmRWBep9y5e/n+6BVYkPWBUTe7b2MUaJ9NE3uXRnNZWxh3RbbQTvJM6i8x83:MpQeX096NLqbc3kRvibbQ9Dx8zlyk
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
1ab7e4c0f4ab2a00efc6b0a2375183cd
|
|
SHA1
|
4be1f884d31c7a31ea043e05c8b4551a3bedf056
|
|
SHA256
|
51dc83fc54032d0580f4ee90a1d49cfe8fc6e379c32fdedd8215581b98ca8d30
|
|
SSDeep
|
48:4SkSFqwmwT90dKWM2Tj4kcQfd99x45sPl:Fr90wN0cQ1l62l
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.52 KB
|
|
MD5
|
d01fe5015c628533af8ae0b0eaeff5bb
|
|
SHA1
|
96eef07eaa6ae167beae5c0bdd54ef6f38d6f582
|
|
SHA256
|
8c923148cb85049acd929e3e1611052d92be56a7234b9c3270441c0eeb8c5a75
|
|
SSDeep
|
384:FCwFRvNv3ct4awW9W02MS5l0YyVFz0D6YLrV9fmt8gx2kfS/pEfVAcre:4QNv3cSawWM02MkqxNeuGIFqBwAAe
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.55 KB
|
|
MD5
|
497824baf4f98707c7e641b30cd8238c
|
|
SHA1
|
17269d2cdfe3b2734240ab1c08d32c5f51d86dfd
|
|
SHA256
|
9fcec35d733c286424874b63cc7346a13e0776baf47bfd39a793f9078367852e
|
|
SSDeep
|
48:6/fWyQxJ8NzO3jT1PiI+7a+xHkTrPMjGhGYvjQUFypT:6/f3YUzO3vdiMQMPMjGnvjTypT
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
ee70b5a10c2a688f91f05bffa5b76c00
|
|
SHA1
|
9604610e896882472808e23ce25c988be9c97295
|
|
SHA256
|
88e8cbf175f6abd8d505ad98d437cd8d077f7c7a8d283ab126d2d222215841f1
|
|
SSDeep
|
24:crzZWDkly+7UOIdJ5KrNnlqTk5GbmAftkioAvR2LvwQJZh/sqHcagS0Nf9PtAd6B:WQpOIdJ5KJn6kXAOirhQJf/sC0VX
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
d1a029737697516528a46e67be172215
|
|
SHA1
|
07a6f9cc6ab488345238a069307557c6a927cebd
|
|
SHA256
|
cebed8cbe7902896add9ee09fce8090d683e8e52cd4b8dd987c2e142c0365246
|
|
SSDeep
|
48:ICNBcAdgoBdI0dAr464Or4iK/92+Nswgd+:IlAdjI0dr6/k/9wHd+
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.03 KB
|
|
MD5
|
c1bc24ceee7080c952d36b9f2471f972
|
|
SHA1
|
5c8ea556a7040729ef37851a78191f2560ca93cc
|
|
SHA256
|
6e9d0b1767c55556cdeed44302fa8d5b865034677c09345f70643734e874d81b
|
|
SSDeep
|
24:8uIBXHDtDuSAqGaZzHJ6tt7gASPgYs5AW50dyJUb1bCJwsalH8PtAd6v:0pyAlCgASWAW5En1b9lH8
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.07 KB
|
|
MD5
|
9f57e0ed33038d3899cfebb40ff8c098
|
|
SHA1
|
b6b1d124d55fdb1146303c723ddf5831fe419fdc
|
|
SHA256
|
c52f41ca9362dd1193adf27ee1d3a95ea6b6a38b4dd5dbb4b90ac3f88f6388c5
|
|
SSDeep
|
24:WlU2qF94Vld/aqTiJ0/30V5ZVGutBU6m0BMph2ZNwBFAP/3PBjZ/GbjoP+Al0+H2:WliwVvCOPMRdehbFkB0qb3b9hZvJpA1
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
5.97 KB
|
|
MD5
|
d3d58c2022de89d11227fc450c3545e3
|
|
SHA1
|
b19bb3ada58525551b91a26457320e48a0c26f60
|
|
SHA256
|
6095f809475e192db7d66698ec5ce96ae6e2ea11c40c92fae3e100f8e61cad5e
|
|
SSDeep
|
96:wzBAQi09WZ2tX6nGVx7z0nA0p+AhPhVoNwjyH78vgZtLcz/GcyLWCokD6NFjmVdc:W6QDTtqnM7z0/PbUwyb8vgQDGc6UkU3N
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
30.60 KB
|
|
MD5
|
f0296a135449ec20888711680f6913d7
|
|
SHA1
|
9b8e3527c18e639cbc602930bdac14cfa42097c2
|
|
SHA256
|
1c3807164a000c71b6c0798993e8bf6061021412c5a8cc90e52100e4b760aec2
|
|
SSDeep
|
768:SzLXEtnHqWeg07VE92cCrf9crCpcZdbtl2ueW687K:SzToKWerG2Z5pKv4VPqK
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
78ddd0d469cd143bedbfdeca0f9e0f0d
|
|
SHA1
|
d7e0a82c9a0302324edf43f1b5d8ca4f0636a5c8
|
|
SHA256
|
32c7922528f92363d0d1c7fcf776bd744454b7ab6a70ee4534a8f405dfdcc152
|
|
SSDeep
|
48:I3F06+nbGlVUVRw0YTayeFWBq6L+PVkoW97pPt:I1WnoVZig7EWXvt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.80 KB
|
|
MD5
|
4159c9bc6aff3a30cb5765884fbeea1a
|
|
SHA1
|
28236b9faadb81d3bfac28979019d14a7327e7ff
|
|
SHA256
|
9ad0abd19f244aadaf8d16cd2b25e1e3ebe942ce0fdd5e4b2a798ab7b1c5a251
|
|
SSDeep
|
48:6bSebr7FWUDbOs9INn+c9xy56ss269aoZZ7cASlm:6bSeDLINfgoss28aEIASlm
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.70 KB
|
|
MD5
|
f74c8fa3deb518b3f6c96731f86cb5a9
|
|
SHA1
|
bcbf9a1c04b483730e55d843996e9b46f75c35d0
|
|
SHA256
|
df95422be151510577b3c6b412db3dd6afe54d83c75b7dabf195976f5d63481f
|
|
SSDeep
|
384:SBf0HTibpchADikx2rAmBvTrNbFAQuGm2rn7AvC8rr4z:iMxAGkx2zlrIQuGm2rn0Drcz
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
855.24 KB
|
|
MD5
|
d77c0dbe5180e0ab3b81747e756097e7
|
|
SHA1
|
43bf696a29f194de736640c6e3f88efe0d1e1ae5
|
|
SHA256
|
7c7982ac8bfcc70ee2dc9050da71bdf5ffbe6a9654342882a750e84ea78b6e21
|
|
SSDeep
|
12288:L2EwA0ppmIjw7bjx5WAw3cvhsTaJDf9gJ+OvV8zW+Ncr/QVBjZvf/qBj:6wNHbjx5WAwsvhsTI9JOd+W3sVBtkj
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.66 KB
|
|
MD5
|
7b36496587598a1f673f984b9d6f68a3
|
|
SHA1
|
5e4c1d580ab5d3b6807c7229aee1e72ede229901
|
|
SHA256
|
0680e17ef162bcbeaca018a4c1eeb18fc05add4a76cdf84c45dafc6c88bfe47f
|
|
SSDeep
|
24:T4vn/YAha5fVVS4dDaT99Pg7LbAvsdLgy596R67Rbm0sBayzNsgcxpZJYtP+PtA4:8vFapVVb+T99wPtLvOLaANsjp8tPA
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
audio/mpeg
|
|
File Size
|
2.07 KB
|
|
MD5
|
f3d43c13eff4658c4655f99f44063c0e
|
|
SHA1
|
bb5932c7b128bdd87ebbf9e3b79e14ef0bc954b5
|
|
SHA256
|
d13742282014e139f06c0619f16b4456b5fe3d051910e56d7563e1ca190df9d7
|
|
SSDeep
|
48:tdkWM7cmmnJYxjtvn7VrqBWHiERyKkgAy4:7rYJjVEW5RyKDAy4
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.76 KB
|
|
MD5
|
dd6bdd9462508c21b7974c6f3332e8a1
|
|
SHA1
|
736fba75269d89551c39cb49f9e424d78c6e0793
|
|
SHA256
|
193ff7f345983042bd34769aae818b03c7318848e5e7b640738949fa18ce9a7a
|
|
SSDeep
|
192:OCdJmEqb7EX0zFTKRR9iwa6mZWSConBizRvNR2ZFM8rSa61Mwf:h+EqkXoYzxoBidvNRra6L
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.60 KB
|
|
MD5
|
d1c37ff354f6875e15652121f4c6401d
|
|
SHA1
|
b863d083b7c4c6dc19a7e7468956a348d165d3b2
|
|
SHA256
|
31ad74eabf075f7ec42a491ac4caf8aced19fe7eacce73f1eef3a79d6f046a92
|
|
SSDeep
|
48:MUZ3zi7KWkRzRgFZtWjwQUEt8ufkWWCikZg+V2Qkr4oSSR1xclxR3mIEA2z:MYG7dp8wQU/WpXS+EbSwxk7W3A6
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
20.33 KB
|
|
MD5
|
57e74b9999c2f0c500cf4d12c17f74d4
|
|
SHA1
|
314945aafbae3863314a51afffa33a53f4fbbc4a
|
|
SHA256
|
ac6ec5b4c361ee1f071237a74a7c43857702ce7e3c1e5175649e762e0360a84d
|
|
SSDeep
|
384:G7KvZjHUDMWJ7szAXjNvfU1IzymNdqlkv0+N8M5l0poDL:JvZj0DMY44xE1+yqxv9TL
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.99 KB
|
|
MD5
|
43e97aefe28948ab7a46dc558c3283d7
|
|
SHA1
|
cab88d0a1be12221c92a7ef47b9f21cc1e08d2b4
|
|
SHA256
|
8e60d962c9693ab060800c55c60c4fa17e5ae709f73845d1beb3e13d2b0a8973
|
|
SSDeep
|
48:M/2JW9U+VS4jGIpJLiG9lHS9ViKgFHPzkwPANl:c2JW2RIpL9ly9yn2l
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
11.43 KB
|
|
MD5
|
71beb991f9eb1af96f101731d338333a
|
|
SHA1
|
588cfbf7133a3a634c349a80b739a32493559341
|
|
SHA256
|
ecb17561dcc5e203201d8098007aad51ecea3cbdbc41c42f2260115b3a221d56
|
|
SSDeep
|
192:PzJZVUlvt3RzAG/A21VBYA6u87vjGj3y+gTjed+9jsYj7sn1CjN8JxoCJA2Ka9zP:PVrUNt3JAF21VBXn8UC+gTPjsY41C5Ev
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
860.74 KB
|
|
MD5
|
95421e62f5e067821bb4902847f62069
|
|
SHA1
|
83cf548bc60f10085fa6f42bcd74db1a3fb433cf
|
|
SHA256
|
ebb5c0a8e8fe182cead0b02ad41c5576bc435693e90c9a4c3dcad233de5ae085
|
|
SSDeep
|
24576:GQ6+ycJb3ICNj9CQOUuiRqQc19iydiwP+NhT2RE8Ul:r2S4CtOUuKqQY95d9P+NhTCED
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
9.51 KB
|
|
MD5
|
2203d0d0def222d504004f87aee59384
|
|
SHA1
|
43a69985ca77ffe2b656f9f6b1b6260669088ab8
|
|
SHA256
|
94580c6d61041b1b0b1822ccd39dc1b55ba2a9f9a9b0971dee47e38c1899ac5c
|
|
SSDeep
|
192:a8XO7gcvx/IFBbkUKc5zrDkhnsRQGYxV0xQV2LexOsS4IDt2Ugcwvy:a8XOkc5tGvkhnsqxVLxOKasUg8
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
6.33 KB
|
|
MD5
|
2249ef02bfca072dd0041c2ae3d085f4
|
|
SHA1
|
7258590a78d9afa35326088c6a03a22f49ac07d4
|
|
SHA256
|
407f1132d2c52c1b23d5e0d0197b0139df299b79bdba568bdd7d470a3d8eb2be
|
|
SSDeep
|
192:FHDVycr+af9zOiPp8uxiSe03Y6WfixEomz1WNatxTV:tV9r+a1zbPMqWfixlWyyV
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
865.24 KB
|
|
MD5
|
38290e5a1a4c3a6faba904691ba267c9
|
|
SHA1
|
92e8223cbc48f633f09349c9c42229110885a0f8
|
|
SHA256
|
433b51faf28198ab631dd44cdb314bfbe439ce6d6af5e0e2365e16f34836f1d0
|
|
SSDeep
|
24576:FPBYa+3x2gqHNyNEgaym2BPFnRQFFn0yak:XYa+3xHqHQZayxBNn2jak
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.94 KB
|
|
MD5
|
c1fd6e933650e1c349b74f1dd4b9c5db
|
|
SHA1
|
0a49f3d34716c0d36369cbd11bd9257d0a47673b
|
|
SHA256
|
6396ba650f4c861c6a088d769e9487022841a70fc19f13b57f557dfdf356f086
|
|
SSDeep
|
192:fqQwmctT/VK3vclR6BIwmdkUKu5hm+OvXZNyCnpWnJqDS6rzFwUdEW:fWT/AvclR6qwmOUdXA/cJWNzFHdH
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
8.60 KB
|
|
MD5
|
73283ae9be6b3811528cb7e5c35b6068
|
|
SHA1
|
e9b536b95c54d50bc74442474d639ae053955bdf
|
|
SHA256
|
80e01f0b90db1d19619a58d9b7294d86705e4b3496541875434a9269a0772f34
|
|
SSDeep
|
192:a4I9cNcZvKjkxhk9dIY/ijJA07FdXrMW5k:dmmcZvKjkxiXvKtAaFdt6
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
222.21 KB
|
|
MD5
|
1c640b6435768675d1ad8a3109076e85
|
|
SHA1
|
648ade722636984ba229189a64ca6d68fb73f136
|
|
SHA256
|
c4496d835d44a29f8496925a2d4ae269deeb814b4fc9522f90bd87ea2ef8acf2
|
|
SSDeep
|
6144:LlpYclktqkkuDxrTQqvyJvlQQniWPlwItZja9qwDMu:LXWqiXAHQ47XC9tD/
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
848.75 KB
|
|
MD5
|
7ed57dd602bf6868f11c91f5645bd3fe
|
|
SHA1
|
3ba870c4866e32b172c28c2550ca0a9f60eacb86
|
|
SHA256
|
dfa7811718fdf8bd692434998d7d4d377a80f6ae3ce9569719aa70f80d23051c
|
|
SSDeep
|
24576:5l9qmtCiEy8QjNRsVA4edezPt1Hu0+JbfvRt:VqmCiEyNNRsVATezPtxu7nRt
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
38.34 KB
|
|
MD5
|
319fcff760c11e5146292e367c8672dd
|
|
SHA1
|
3e2ab1c31e7ce2855a75a4d7c8c8ab6a0250f533
|
|
SHA256
|
3200447442411d005cef1d728625e438f46771bb586d4e7fee717a6e703b6bf9
|
|
SSDeep
|
768:qhYew2FatT00P/IkWAA1s7jedv/6JbtRSbZEPFsmxxm9:qhY+FaFj43P1s7kv/UtRStmxx2
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
890 bytes
|
|
MD5
|
a46165eb1c5c458b81c5ae52b33ef0ff
|
|
SHA1
|
0643cc963bd83a294ae095b923e97f1844f83937
|
|
SHA256
|
f27d70b7a6dd443f410308232a09ac06356b8d665ec2f327d2dd71e08360fa55
|
|
SSDeep
|
24:gOjDwj6V4bc1mrTJpAFbscbzyhPtAd69ll:tM6VvmrTJpA+IyNl
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
853.75 KB
|
|
MD5
|
09484cab3575ba9dbfaec1056b563ee7
|
|
SHA1
|
1de0a3eb39649fc3c8b63be6882d807ad3ac6761
|
|
SHA256
|
ecdea8135a5dde23b446a14c73912e2be26309ec38c59ce92f69db8c45008787
|
|
SSDeep
|
24576:jB4guQvf9jnatUO7W0dOoJv9DCp24mn0Q34T:juguQvxahhdRJvhA0joT
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.13 MB
|
|
MD5
|
b5a974ce0b59575b0f04adc0fd5ffc29
|
|
SHA1
|
65ed5aecc8da05bb96f02e10858ed4670cd5f0ae
|
|
SHA256
|
6dd3c80316839f71cdf52b0b1851f59bf61d0bfd9a83f21e28225627fe778f75
|
|
SSDeep
|
24576:Y9EVGjSxoj4aJMNjjX0jeah72owCHl+ZJt5WLg9QNH7Uxi5dzVs7waRfW1rMIQjq:YGkjSGMJjZ1CoJGLg927G2V5CfWSnjq
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.04 KB
|
|
MD5
|
103c0a3f7f1a9326dc1d9e2fd674c458
|
|
SHA1
|
af37b523ae466991bf3e51d2fa47d2e5077ab509
|
|
SHA256
|
bd8de12ab3743c66c0c57957229110a399ed7c908fb9cd8c7d83a7fef6345dff
|
|
SSDeep
|
24:Iq5NfxSuffek1tmrxCMfbDcfbJcFuyOFgAVKyh69f+DSnrTSyJu7MmWxE7NBi3Pp:IYNJSu+R5fczJcEz2Ai9xnfSycMmT7DU
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.85 KB
|
|
MD5
|
71948a49cd38d8b57d689f347e7242bb
|
|
SHA1
|
05855c9704ad96c60396523c1452e806e5919941
|
|
SHA256
|
677bf9363a7401d8185b1845f0111342440658c5d23df07376d5b8e1e1a8cbd3
|
|
SSDeep
|
48:z3hjrPF6uahnE/2BSVMpkK8UO7S6Qn9Wxy/LKqBHc0Je2mFlB4sbS9HQYeh:TvPenOVSrF6Qb/LF52BJbS9Sh
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.78 KB
|
|
MD5
|
e842dc9a7ce3090310d7de85962e5cbd
|
|
SHA1
|
19019a072834f42b8f201636700bddd5b8d1ffd7
|
|
SHA256
|
e162e078b498db7153bf6c122bcd116e76bc3614955ab8f67150d737e883b763
|
|
SSDeep
|
24:X/ccA+Oo5GOmjHhwQsIDaug04s/+TEviAWREkYwyFxAKJuboNX5P4KtiPtAd69ll:XU6hwjBwQz2ugE+TEiTYJwMNXDCl
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.15 KB
|
|
MD5
|
c87a5412fa996023dda2d11632deef2d
|
|
SHA1
|
1d0f60a6549443cf2a1be57157668f5bc258538e
|
|
SHA256
|
0d5cdbf7008440d4d92a66b617db012a38c8f36b4978c0b60acfdd91edbafe8d
|
|
SSDeep
|
48:RT/1/Ozg2K3g9jUi15V9QUONeZIXFSj7FO+f9sihFRAldok9SBtb5yx4u0uCBul:dV9ajUip9QNucFSjZOe9XUldPSIBiul
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
24.89 KB
|
|
MD5
|
a7b9de35bc6faf31aca0d11ce805dcdd
|
|
SHA1
|
170e294e483a2ae633bb8333bb8314ad1fe8372e
|
|
SHA256
|
78b90e7176e8abcac78248bff2b0672072a880eee56a89e9f7cb532e706df0db
|
|
SSDeep
|
384:iYjVb1GvlOZ8GFFGuy8hLbmOWcvTz53q8CuYfWoAY7UWp12yngF5USkb3ndAE+Xy:VpQvlo8QXxmObIxOo7gaokb3Fay
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
19.56 KB
|
|
MD5
|
19b91fdb490a128ce41d9a02b72a6e06
|
|
SHA1
|
27aaefd742265c8378dc1ef42417574b7552fa6c
|
|
SHA256
|
8606297988454be116d0be3704336bf69e2bad518c6c8771dac334d662d5f8be
|
|
SSDeep
|
384:4J3IR3tzAG6mm1G0JqtH/KykLAqNfvIdMLfZAi6OwxiJK6Q33cUL9:4a9tVMMHNQWYaF6ti
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
20.39 KB
|
|
MD5
|
486f23a66848491707e9dc98bbd97a42
|
|
SHA1
|
8954b42cfe72734613860cf35f410026e9bbc5d3
|
|
SHA256
|
3f2d449108500bcc1fa34b7082d73759ad64b26e6ee799f267b34f3551620922
|
|
SSDeep
|
384:rEgbodSDXHA1lxSVX02SGOeBZPIw8ISPa/BcJK9rvwgj8oOKuwaz/iQpSfDnvS+M:rm0LA1lxSVNSGRIVJk9D8waz/iQpyDq1
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
1.76 KB
|
|
MD5
|
b19dbf842843eb2fe6cd4c98f3db380b
|
|
SHA1
|
a637f30449f4d81b09ed1fcdbee4dd2d85fc1ed6
|
|
SHA256
|
7a3a473d087bbe938bc77cb9defc83f4bdc20a0f76252ffa9b1f83afe2e95e87
|
|
SSDeep
|
24:03GW2c4lI+17xypeoEgl0Ctask41oJH0Mb5rmNqUdEWM4wl7Y5eSG7Mi0PtAd69/:OGW2c4lIZ89glhNOUMlchdRQY5NIOl
|
|
Rule Name
|
Rule Description
|
Classification
|
Severity
|
Actions
|
|
DharmaEncryptedFile
|
File encrypted by Dharma Ransomware
|
Ransomware
|
|
|
|
Also Known As
|
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\demo.exe (Dropped File)
C:\Users\5p5NrGJn0jS HALPmcxz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\demo.exe (Dropped File)
C:\Windows\System32\demo.exe (Dropped File)
|
|
Mime Type
|
application/vnd.microsoft.portable-executable
|
|
File Size
|
320.00 KB
|
|
MD5
|
887e76ccf9ae8a731570f13324877426
|
|
SHA1
|
67286d63ab0c619c2fe98dd820486a28f8e4ee61
|
|
SHA256
|
bc1c6fc23fd634e3b93d74d27bf536cd843b1b01ae4255a7c9fa51f4acf8303e
|
|
SSDeep
|
6144:2QBsPmrMNkDJTt1DndscTETPMAxN6zeCU7ze5o7vpLl4FJmaIvV8DORa:2Qiu6klJ17dsvTPZ6CCU7zEAMstCORa
|
|
ImpHash
|
d06fcbb90b2a81daf36fc84b4a126555
|
|
Image Base
|
0x400000
|
|
Entry Point
|
0x403512
|
|
Size Of Code
|
0x22c00
|
|
Size Of Initialized Data
|
0x4e89000
|
|
File Type
|
FileType.executable
|
|
Subsystem
|
Subsystem.windows_gui
|
|
Machine Type
|
MachineType.i386
|
|
Compile Timestamp
|
2018-08-29 09:20:13+00:00
|
|
Name
|
Virtual Address
|
Virtual Size
|
Raw Data Size
|
Raw Data Offset
|
Flags
|
Entropy
|
|
.text
|
0x401000
|
0x22b4d
|
0x22c00
|
0x400
|
IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
|
6.67
|
|
.rdata
|
0x424000
|
0x268be
|
0x26a00
|
0x23000
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
|
6.43
|
|
.data
|
0x44b000
|
0x4e5ea00
|
0x1c00
|
0x49a00
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
|
3.21
|
|
.rsrc
|
0x52aa000
|
0x2608
|
0x2800
|
0x4b600
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
|
4.72
|
|
.reloc
|
0x52ad000
|
0x2010
|
0x2200
|
0x4de00
|
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ
|
6.48
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
GetLastError
|
0x0
|
0x42401c
|
0x49f9c
|
0x48f9c
|
0x202
|
|
PeekConsoleInputW
|
0x0
|
0x424020
|
0x49fa0
|
0x48fa0
|
0x38c
|
|
LocalAlloc
|
0x0
|
0x424024
|
0x49fa4
|
0x48fa4
|
0x344
|
|
VirtualProtect
|
0x0
|
0x424028
|
0x49fa8
|
0x48fa8
|
0x4ef
|
|
CreateToolhelp32Snapshot
|
0x0
|
0x42402c
|
0x49fac
|
0x48fac
|
0xbe
|
|
GetHandleInformation
|
0x0
|
0x424030
|
0x49fb0
|
0x48fb0
|
0x1ff
|
|
CloseHandle
|
0x0
|
0x424034
|
0x49fb4
|
0x48fb4
|
0x52
|
|
WriteConsoleW
|
0x0
|
0x424038
|
0x49fb8
|
0x48fb8
|
0x524
|
|
SetFilePointerEx
|
0x0
|
0x42403c
|
0x49fbc
|
0x48fbc
|
0x467
|
|
SetStdHandle
|
0x0
|
0x424040
|
0x49fc0
|
0x48fc0
|
0x487
|
|
GetConsoleMode
|
0x0
|
0x424044
|
0x49fc4
|
0x48fc4
|
0x1ac
|
|
WriteFileGather
|
0x0
|
0x424048
|
0x49fc8
|
0x48fc8
|
0x527
|
|
GetNumberFormatA
|
0x0
|
0x42404c
|
0x49fcc
|
0x48fcc
|
0x231
|
|
EnumCalendarInfoExW
|
0x0
|
0x424050
|
0x49fd0
|
0x48fd0
|
0xf2
|
|
GetTickCount
|
0x0
|
0x424054
|
0x49fd4
|
0x48fd4
|
0x293
|
|
DebugActiveProcessStop
|
0x0
|
0x424058
|
0x49fd8
|
0x48fd8
|
0xc6
|
|
DuplicateHandle
|
0x0
|
0x42405c
|
0x49fdc
|
0x48fdc
|
0xe8
|
|
lstrlenA
|
0x0
|
0x424060
|
0x49fe0
|
0x48fe0
|
0x54d
|
|
GetConsoleCP
|
0x0
|
0x424064
|
0x49fe4
|
0x48fe4
|
0x19a
|
|
FlushFileBuffers
|
0x0
|
0x424068
|
0x49fe8
|
0x48fe8
|
0x157
|
|
GetStringTypeW
|
0x0
|
0x42406c
|
0x49fec
|
0x48fec
|
0x269
|
|
OutputDebugStringW
|
0x0
|
0x424070
|
0x49ff0
|
0x48ff0
|
0x38a
|
|
EnumSystemLocalesW
|
0x0
|
0x424074
|
0x49ff4
|
0x48ff4
|
0x10f
|
|
GetUserDefaultLCID
|
0x0
|
0x424078
|
0x49ff8
|
0x48ff8
|
0x29b
|
|
EncodePointer
|
0x0
|
0x42407c
|
0x49ffc
|
0x48ffc
|
0xea
|
|
DecodePointer
|
0x0
|
0x424080
|
0x4a000
|
0x49000
|
0xca
|
|
GetCommandLineA
|
0x0
|
0x424084
|
0x4a004
|
0x49004
|
0x186
|
|
RaiseException
|
0x0
|
0x424088
|
0x4a008
|
0x49008
|
0x3b1
|
|
RtlUnwind
|
0x0
|
0x42408c
|
0x4a00c
|
0x4900c
|
0x418
|
|
IsDebuggerPresent
|
0x0
|
0x424090
|
0x4a010
|
0x49010
|
0x300
|
|
IsProcessorFeaturePresent
|
0x0
|
0x424094
|
0x4a014
|
0x49014
|
0x304
|
|
ExitProcess
|
0x0
|
0x424098
|
0x4a018
|
0x49018
|
0x119
|
|
GetModuleHandleExW
|
0x0
|
0x42409c
|
0x4a01c
|
0x4901c
|
0x217
|
|
GetProcAddress
|
0x0
|
0x4240a0
|
0x4a020
|
0x49020
|
0x245
|
|
AreFileApisANSI
|
0x0
|
0x4240a4
|
0x4a024
|
0x49024
|
0x15
|
|
MultiByteToWideChar
|
0x0
|
0x4240a8
|
0x4a028
|
0x49028
|
0x367
|
|
WideCharToMultiByte
|
0x0
|
0x4240ac
|
0x4a02c
|
0x4902c
|
0x511
|
|
HeapSize
|
0x0
|
0x4240b0
|
0x4a030
|
0x49030
|
0x2d4
|
|
HeapFree
|
0x0
|
0x4240b4
|
0x4a034
|
0x49034
|
0x2cf
|
|
HeapAlloc
|
0x0
|
0x4240b8
|
0x4a038
|
0x49038
|
0x2cb
|
|
SetLastError
|
0x0
|
0x4240bc
|
0x4a03c
|
0x4903c
|
0x473
|
|
GetCurrentThread
|
0x0
|
0x4240c0
|
0x4a040
|
0x49040
|
0x1c4
|
|
GetCurrentThreadId
|
0x0
|
0x4240c4
|
0x4a044
|
0x49044
|
0x1c5
|
|
GetProcessHeap
|
0x0
|
0x4240c8
|
0x4a048
|
0x49048
|
0x24a
|
|
GetStdHandle
|
0x0
|
0x4240cc
|
0x4a04c
|
0x4904c
|
0x264
|
|
GetFileType
|
0x0
|
0x4240d0
|
0x4a050
|
0x49050
|
0x1f3
|
|
DeleteCriticalSection
|
0x0
|
0x4240d4
|
0x4a054
|
0x49054
|
0xd1
|
|
GetStartupInfoW
|
0x0
|
0x4240d8
|
0x4a058
|
0x49058
|
0x263
|
|
GetModuleFileNameA
|
0x0
|
0x4240dc
|
0x4a05c
|
0x4905c
|
0x213
|
|
WriteFile
|
0x0
|
0x4240e0
|
0x4a060
|
0x49060
|
0x525
|
|
GetModuleFileNameW
|
0x0
|
0x4240e4
|
0x4a064
|
0x49064
|
0x214
|
|
QueryPerformanceCounter
|
0x0
|
0x4240e8
|
0x4a068
|
0x49068
|
0x3a7
|
|
GetCurrentProcessId
|
0x0
|
0x4240ec
|
0x4a06c
|
0x4906c
|
0x1c1
|
|
GetSystemTimeAsFileTime
|
0x0
|
0x4240f0
|
0x4a070
|
0x49070
|
0x279
|
|
GetEnvironmentStringsW
|
0x0
|
0x4240f4
|
0x4a074
|
0x49074
|
0x1da
|
|
FreeEnvironmentStringsW
|
0x0
|
0x4240f8
|
0x4a078
|
0x49078
|
0x161
|
|
UnhandledExceptionFilter
|
0x0
|
0x4240fc
|
0x4a07c
|
0x4907c
|
0x4d3
|
|
SetUnhandledExceptionFilter
|
0x0
|
0x424100
|
0x4a080
|
0x49080
|
0x4a5
|
|
InitializeCriticalSectionAndSpinCount
|
0x0
|
0x424104
|
0x4a084
|
0x49084
|
0x2e3
|
|
CreateEventW
|
0x0
|
0x424108
|
0x4a088
|
0x49088
|
0x85
|
|
Sleep
|
0x0
|
0x42410c
|
0x4a08c
|
0x4908c
|
0x4b2
|
|
GetCurrentProcess
|
0x0
|
0x424110
|
0x4a090
|
0x49090
|
0x1c0
|
|
TerminateProcess
|
0x0
|
0x424114
|
0x4a094
|
0x49094
|
0x4c0
|
|
TlsAlloc
|
0x0
|
0x424118
|
0x4a098
|
0x49098
|
0x4c5
|
|
TlsGetValue
|
0x0
|
0x42411c
|
0x4a09c
|
0x4909c
|
0x4c7
|
|
TlsSetValue
|
0x0
|
0x424120
|
0x4a0a0
|
0x490a0
|
0x4c8
|
|
TlsFree
|
0x0
|
0x424124
|
0x4a0a4
|
0x490a4
|
0x4c6
|
|
GetModuleHandleW
|
0x0
|
0x424128
|
0x4a0a8
|
0x490a8
|
0x218
|
|
CreateSemaphoreW
|
0x0
|
0x42412c
|
0x4a0ac
|
0x490ac
|
0xae
|
|
EnterCriticalSection
|
0x0
|
0x424130
|
0x4a0b0
|
0x490b0
|
0xee
|
|
LeaveCriticalSection
|
0x0
|
0x424134
|
0x4a0b4
|
0x490b4
|
0x339
|
|
FatalAppExitA
|
0x0
|
0x424138
|
0x4a0b8
|
0x490b8
|
0x120
|
|
SetConsoleCtrlHandler
|
0x0
|
0x42413c
|
0x4a0bc
|
0x490bc
|
0x42d
|
|
FreeLibrary
|
0x0
|
0x424140
|
0x4a0c0
|
0x490c0
|
0x162
|
|
LoadLibraryExW
|
0x0
|
0x424144
|
0x4a0c4
|
0x490c4
|
0x33e
|
|
IsValidCodePage
|
0x0
|
0x424148
|
0x4a0c8
|
0x490c8
|
0x30a
|
|
GetACP
|
0x0
|
0x42414c
|
0x4a0cc
|
0x490cc
|
0x168
|
|
GetOEMCP
|
0x0
|
0x424150
|
0x4a0d0
|
0x490d0
|
0x237
|
|
GetCPInfo
|
0x0
|
0x424154
|
0x4a0d4
|
0x490d4
|
0x172
|
|
HeapReAlloc
|
0x0
|
0x424158
|
0x4a0d8
|
0x490d8
|
0x2d2
|
|
GetDateFormatW
|
0x0
|
0x42415c
|
0x4a0dc
|
0x490dc
|
0x1c8
|
|
GetTimeFormatW
|
0x0
|
0x424160
|
0x4a0e0
|
0x490e0
|
0x297
|
|
CompareStringW
|
0x0
|
0x424164
|
0x4a0e4
|
0x490e4
|
0x64
|
|
LCMapStringW
|
0x0
|
0x424168
|
0x4a0e8
|
0x490e8
|
0x32d
|
|
GetLocaleInfoW
|
0x0
|
0x42416c
|
0x4a0ec
|
0x490ec
|
0x206
|
|
IsValidLocale
|
0x0
|
0x424170
|
0x4a0f0
|
0x490f0
|
0x30c
|
|
CreateFileW
|
0x0
|
0x424174
|
0x4a0f4
|
0x490f4
|
0x8f
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
GetNextDlgGroupItem
|
0x0
|
0x424184
|
0x4a104
|
0x49104
|
0x161
|
|
GetMonitorInfoW
|
0x0
|
0x424188
|
0x4a108
|
0x49108
|
0x15f
|
|
DlgDirListA
|
0x0
|
0x42418c
|
0x4a10c
|
0x4910c
|
0xb3
|
|
wsprintfW
|
0x0
|
0x424190
|
0x4a110
|
0x49110
|
0x333
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
ObjectDeleteAuditAlarmA
|
0x0
|
0x424000
|
0x49f80
|
0x48f80
|
0x1eb
|
|
GetAce
|
0x0
|
0x424004
|
0x49f84
|
0x48f84
|
0x123
|
|
GetFileSecurityW
|
0x0
|
0x424008
|
0x49f88
|
0x48f88
|
0x130
|
|
CreateServiceA
|
0x0
|
0x42400c
|
0x49f8c
|
0x48f8c
|
0x80
|
|
GetUserNameW
|
0x0
|
0x424010
|
0x49f90
|
0x48f90
|
0x165
|
|
GetServiceKeyNameA
|
0x0
|
0x424014
|
0x49f94
|
0x48f94
|
0x153
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
WinHttpCloseHandle
|
0x0
|
0x424198
|
0x4a118
|
0x49118
|
0x7
|
|
WinHttpOpen
|
0x0
|
0x42419c
|
0x4a11c
|
0x4911c
|
0xf
|
|
WinHttpQueryAuthSchemes
|
0x0
|
0x4241a0
|
0x4a120
|
0x49120
|
0x11
|
|
API Name
|
Ordinal
|
IAT Address
|
Thunk RVA
|
Thunk Offset
|
Hint
|
|
GradientFill
|
0x0
|
0x42417c
|
0x4a0fc
|
0x490fc
|
0x2
|
|
Name
|
Process ID
|
Start VA
|
End VA
|
Dump Reason
|
PE Rebuilds
|
Bitness
|
Entry Points
|
AV
|
YARA
|
Actions
|
|
buffer
|
1
|
0x053821E0
|
0x0539E3CB
|
Marked Executable
|
-
|
32-bit
|
0x0538501C, 0x05384133
|
|
|
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
378 bytes
|
|
MD5
|
38629123d3a38437028d8f4e9dbc324c
|
|
SHA1
|
d96ace447f18df1edfa4d4a9892f8799378c840f
|
|
SHA256
|
53289b282ea304357670e511dce56d4e0cc6a640716aa74d4d48bfefff08b701
|
|
SSDeep
|
6:2oXMo6h6WAxdLA8esHu8lrUcA5o6WCw/oVBH9pPAn+v/HtAd6g8dlln:BcT6Rd8UHuyUcA5bfdpPA8PtAd6g8dll
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.14 MB
|
|
MD5
|
796509934617d608f02e756e4b4823db
|
|
SHA1
|
abe1c6f7249425f3c0dca30c8b9e3c81568a9c67
|
|
SHA256
|
92ed94cfc4d72668c45a43446fb0126ea2a81a025942721c2f7fe75c846c1068
|
|
SSDeep
|
49152:zDxL8QBo0Tex4S120ytJyewskFHJPDMbd:zR89t12AFlO
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
16.94 MB
|
|
MD5
|
2fb10a322517f7cbfb3a6cfe3f7ec571
|
|
SHA1
|
f50dbea0bf05e4a4f73abb265fef52fa43db4e07
|
|
SHA256
|
5ef870f132dab830dd5380a5f66f2db9ead790ee6610fc191c638c2aecd616a4
|
|
SSDeep
|
196608:6a8A7fKP0ReD0wXKLUEfRrDXP2ifogB2jHcSBLWiyvyWJRMLhdPWfi:6aRDKP0q0wM9JrL2ifJcjhW/6vL3Ai
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.14 MB
|
|
MD5
|
ecaf24251f1165b97f7caff56162a33d
|
|
SHA1
|
d0a5a85d7a46008708aab521b847109216c497cc
|
|
SHA256
|
b9e7653aaeb92e2db7f7f75cd1d195175dfd39fb30991df98d03470b70b6a994
|
|
SSDeep
|
49152:zDxL8QBo6Tex4S120ytJyLlgCzbuyiA5s0NJLat:zR89j1j/4A5TNJw
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
67.85 MB
|
|
MD5
|
6b078cbccbab0d5edeaa1d85f11ba58a
|
|
SHA1
|
66820f091ea72f244d2d2019748cbda0b7b9702d
|
|
SHA256
|
7597007b7fd82fa6fc079ad255cc80561c20be4bc515df7968b4b0e377292774
|
|
SSDeep
|
196608:H4KKCX5FvaeoDcBdxmOJR7nxOKOmE7dzaNQwr:H4KKCX5FvaVczxmUJnYSE7dzAT
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.15 MB
|
|
MD5
|
dd3cfcc35cbfcac9b7f47b54f0cf594e
|
|
SHA1
|
9a488bc6180f317d32a6a7aa59e9eb31a61b3b2d
|
|
SHA256
|
7d66aa209a9ae7f05c5ccee31e3e26ee933706553b626430c673460199f531d7
|
|
SSDeep
|
24576:zxnP6WBzkm83xgDBo8o93HLJP9VB5bxQrzVDFJdjHs5wuofLfdky20ytJytLmCrS:zDxL8QBonTex4S120ytJyrrQBGimQTX
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
10.25 MB
|
|
MD5
|
43a54a2af6b0ba4701aaaa57217b66c2
|
|
SHA1
|
28870f6bb4f8999e1d0b9929aa80295dc4a8ea07
|
|
SHA256
|
fd80d4c6ba8f8fce21e60ef9b478c7c06676860aa3fb17d1f8adb7d4ca393d5a
|
|
SSDeep
|
196608:aPUvTYpH9RBl/tus7o4L7tZiTnp/jE4U/bxlLRx+cZdh:MUvTiNhU4L7tZiTnprP0txRscZP
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
14.88 MB
|
|
MD5
|
0132354deb06c352353675fce278a129
|
|
SHA1
|
82f447263c0d4d83d398af15034413083edcbc35
|
|
SHA256
|
8e5451128ff68d309300dd54c2a3bb83f196e6fefb39f1e8d6b7c24b8a6f7307
|
|
SSDeep
|
196608:TIwm3nNVAl+ig71eZ8FclBElWHEbyLbyo9crpLlR8ioLO0ZF9CrpbQ:OL71eiFge/GHyo2rpLkcoCrpbQ
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
2.35 MB
|
|
MD5
|
2c04e7fc91d1c021fc535f8a093a0041
|
|
SHA1
|
6737054a2cfc22d8396e038074c400fc2749b7cd
|
|
SHA256
|
eac806d4d5f3797764d6e33baa536114a919f23fb00d5cfdc07a1c2dda14883e
|
|
SSDeep
|
49152:R0opH/cgHa3HRxz+4g+m0igqHsGmnTtUKY77J:R0op1Har+wm9gqMz0J
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.48 MB
|
|
MD5
|
03e16365fd8a316b3bfa86d4ac6cd439
|
|
SHA1
|
c32a45a2e1351d5ea2728f08ad15a8e636d0651c
|
|
SHA256
|
9d20e9a597bd0d363d61454dc1816ee2fc731b3dbf2a0d9a5f192e980bd14370
|
|
SSDeep
|
49152:fHYLL/WoWLljb1R6rOSN20yRJ64Lag6qDHQqrbqQTItsKZ:fqLVW6vkLrQqrWQTIts4
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
42.53 MB
|
|
MD5
|
4fb6c079967f604d4b8cdf477caf6de0
|
|
SHA1
|
a8777ca0e49e5d98d01a6b007c7b62b5dffb5b63
|
|
SHA256
|
9fac05c1ffc4b8060b0a5b942d35cc90c0bff012af1a00a6712c6d03018b083f
|
|
SSDeep
|
196608:MaurJM4k8IMj3kMxfGbWaxJMKMA4JxuiNQG3A2r7rfiSFhysD8uxDxKj:EOn8IQkM2BFEx96G3AUf7FnzKj
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.16 MB
|
|
MD5
|
0ab09c033b3cbde45ec8a507f795ae08
|
|
SHA1
|
7e4a94371dbaea00a16dee2f9de96a2c2d6098fb
|
|
SHA256
|
ba1494f830cfbf011cd9fc49540aa6331e77ef799aaa33be07a12a8b86c64683
|
|
SSDeep
|
49152:zDxL8QBoSTex4S120ytJy/kK3/dC3ip1u:zR89r10KaF
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
11.70 MB
|
|
MD5
|
052b4a3aaf24e1879297e0f1408c7662
|
|
SHA1
|
ccf2d2087988828f8117c27f1ec3ccaf4b5b926d
|
|
SHA256
|
6c23fd16b44e1eefdf52ac7ad99a1fc46a9b4b3e77c6643dd26d1ad79a2d1021
|
|
SSDeep
|
196608:Vf1gRyjQR9g8YYIcjfXontQdQGzFZaGkGdN7p06H1JX/WanfW/OIV0h:V1WbR9YY5AJGBZWGRz1kaza0h
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
20.84 MB
|
|
MD5
|
3d0e1f18676626331ffefafe53b18248
|
|
SHA1
|
80d370bf723a4b00b769c1a7266d63de82280ab0
|
|
SHA256
|
9ceac29cec7a9772266c3c6ed68bc7f25dcb38c12c388fe9f21e58890e9cf26f
|
|
SSDeep
|
196608:PFNUxdiOm1j3/abCsYwFOSQo2pWDOQs4hW6s63HS:qPmN3/abtYIQoROQ93RS
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
13.76 MB
|
|
MD5
|
42ac6eff5aa1dad153cb32ec3d616e43
|
|
SHA1
|
8d8693b1d4aa27f2f48345e6f2e760c5f205d163
|
|
SHA256
|
b8984acb419b90aab0f7fd9addaa90b10847e75aeaabfde74fc133085adf3455
|
|
SSDeep
|
196608:Yu6eDsIwHBL4B9lCzT2bOgcDuihGYrLpVUBJ/7HAFGtNy6aMhnRTU+:WqsIwHNB26gVE7e/7JNMM5RTU+
|
|
Mime Type
|
application/octet-stream
|
|
File Size
|
3.54 MB
|
|
MD5
|
f40084fa161964aa6235383743edde9e
|
|
SHA1
|
b67de0d83aee3ed0f8d5c83565b9f509c0adfaf6
|
|
SHA256
|
2aa737d2610197ba1a35756acad05675080e9fa39ff6a56f65fb74a03fb9ee15
|
|
SSDeep
|
98304:zDMUwxyODPFhbY12HLodiF4+5riPk4zCIMUVYG8X:z4UwVthio4vkhUVyX
|
