General
Target: 0acc9c67da8dabf4b9798a84d4e9386793aba0dce8facf74c37908608742cbfe
Size: 141KB
Sample: 250529-h6s19sel2v
MD5: 162d7d600f9ec6068df02b18ef2d486b
SHA1: 7ffb1e569dc164eb64bd9454dae81ff3cdeadcff
SHA256: 0acc9c67da8dabf4b9798a84d4e9386793aba0dce8facf74c37908608742cbfe
SHA512: 6f8c2cfdaf37424d51c1374ecc76b377988075f00f715100982d6bc8c419352a122f5c64e6c7b9e132848fb9f782f32647426854eee03692c4044a806f247a85
SSDEEP: 3072:spWp/CFmjIUjnBiFRlZQlVvr85iN/YG0FBZcM:NNCFeBSI385i32Zl
Behavioral task
behavioral1
Sample: 0acc9c67da8dabf4b9798a84d4e9386793aba0dce8facf74c37908608742cbfe.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (4847) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.