General
Target: b38f9526ebc6b59c267b7567f01c22a75168015a48fb0260a35c76e669b652c0
Size: 18KB
Sample: 250529-h3xkaayye1
MD5: 24ab0cd24136a23b222d718b5a466932
SHA1: 257d4758de2fe7e81f571d6395b21251f4850a5d
SHA256: b38f9526ebc6b59c267b7567f01c22a75168015a48fb0260a35c76e669b652c0
SHA512: 7fefe0a01f9a25ebd2f9d9d1a4449f3f5bca5e3f4860a5b31cbbe609a6f9f9b3567de2dd6a04958d42d40c50e9336f27c78c21023c2ee8bc2e389c07529abbe9
SSDEEP: 384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOv1I:uZ4FLz8ae+rOn8ae+rOy
Static task: static1
Behavioral task: behavioral1
Sample: b38f9526ebc6b59c267b7567f01c22a75168015a48fb0260a35c76e669b652c0.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: b38f9526ebc6b59c267b7567f01c22a75168015a48fb0260a35c76e669b652c0.exe
Resource: win11-20250508-en
Malware Config
Targets
Target: b38f9526ebc6b59c267b7567f01c22a75168015a48fb0260a35c76e669b652c0
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5289) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.