General
-
Target
239cc54b3a421726486181672d2758782595c68fb9b7e96326edff33061e73a4
-
Size
78KB
-
Sample
250529-h8vymsel4x
-
MD5
24554ecdb0bb1e48a08e10bce1f76479
-
SHA1
6344d87eda7eeedffa252fa570dc989f4e52734c
-
SHA256
239cc54b3a421726486181672d2758782595c68fb9b7e96326edff33061e73a4
-
SHA512
9216d795b08f2052265ee989fb1d1af6bbe1dd8b0d82c9997a1c7d9223f1b42d2c944a8c6a125f6cbe74f5b3b94d8d6c6786f996fd19769eacc4848d9fdf9efd
-
SSDEEP
1536:s7ZppApdIIoJhiJh/0q9ipzSwG7rDBVjSnJ81wGgfO04fq8ONamJR1nhOqVXEaX6:spWp1iMBFh1hgfO04fX0tJR18qbK
Behavioral task
behavioral1
Sample
239cc54b3a421726486181672d2758782595c68fb9b7e96326edff33061e73a4.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
239cc54b3a421726486181672d2758782595c68fb9b7e96326edff33061e73a4
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5092) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-