General
Target: 6dacf8304ad5d9474d7d01fb963362ee1d7b335bf016d725e7fdcbd4bb58f83b
Size: 20KB
Sample: 250529-h4smqayrs9
MD5: 17985275be2bcf54dbe335e605445964
SHA1: 3d592cd3eb15e5b91872fb79e85eca385812ad0f
SHA256: 6dacf8304ad5d9474d7d01fb963362ee1d7b335bf016d725e7fdcbd4bb58f83b
SHA512: 4f49f80f91f0990a06005a3b588134b532e27c4544f3031a8665005c7c69f589bb1bfa7bd3ed77186869d0c42e29e37ad57a68407686afee712f41bf82e91cc8
SSDEEP: 384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOQl8Prl8Pd:s7BlpppARFbhdLz8ae+rOn8ae+rOVPKF
Behavioral task: behavioral1
Sample: 6dacf8304ad5d9474d7d01fb963362ee1d7b335bf016d725e7fdcbd4bb58f83b.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 6dacf8304ad5d9474d7d01fb963362ee1d7b335bf016d725e7fdcbd4bb58f83b.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: 6dacf8304ad5d9474d7d01fb963362ee1d7b335bf016d725e7fdcbd4bb58f83b
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5299) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.