General
-
Target
781b5e671915080926441acce8c4d147ef177552da6b2be1123237405dae0afc
-
Size
74KB
-
Sample
250529-3w3syacr2w
-
MD5
11fdfe276f9f7444e523149857ca04d5
-
SHA1
fa7a10644c45b78e6dca2700aa43d84d63f6319c
-
SHA256
781b5e671915080926441acce8c4d147ef177552da6b2be1123237405dae0afc
-
SHA512
9a56236661db02e753423d1d1080c71bb01ceea27e11a1ae8ce80f8d136207910326e8567f3b34da39868cb8b299820fa1261ececf361e4b0e96574598c79a83
-
SSDEEP
1536:s7ZppApdIIJQP+UDQvNGIIJQP+UDQv0pC:spWp8kv7kv0pC
Behavioral task
behavioral1
Sample
781b5e671915080926441acce8c4d147ef177552da6b2be1123237405dae0afc.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5016) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-