General

  • Target

    781b5e671915080926441acce8c4d147ef177552da6b2be1123237405dae0afc

  • Size

    74KB

  • Sample

    250529-3w3syacr2w

  • MD5

    11fdfe276f9f7444e523149857ca04d5

  • SHA1

    fa7a10644c45b78e6dca2700aa43d84d63f6319c

  • SHA256

    781b5e671915080926441acce8c4d147ef177552da6b2be1123237405dae0afc

  • SHA512

    9a56236661db02e753423d1d1080c71bb01ceea27e11a1ae8ce80f8d136207910326e8567f3b34da39868cb8b299820fa1261ececf361e4b0e96574598c79a83

  • SSDEEP

    1536:s7ZppApdIIJQP+UDQvNGIIJQP+UDQv0pC:spWp8kv7kv0pC

Targets

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5016) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.
