General

  • Target

    239cc54b3a421726486181672d2758782595c68fb9b7e96326edff33061e73a4

  • Size

    78KB

  • Sample

    250529-h8vymsel4x

  • MD5

    24554ecdb0bb1e48a08e10bce1f76479

  • SHA1

    6344d87eda7eeedffa252fa570dc989f4e52734c

  • SHA256

    239cc54b3a421726486181672d2758782595c68fb9b7e96326edff33061e73a4

  • SHA512

    9216d795b08f2052265ee989fb1d1af6bbe1dd8b0d82c9997a1c7d9223f1b42d2c944a8c6a125f6cbe74f5b3b94d8d6c6786f996fd19769eacc4848d9fdf9efd

  • SSDEEP

    1536:s7ZppApdIIoJhiJh/0q9ipzSwG7rDBVjSnJ81wGgfO04fq8ONamJR1nhOqVXEaX6:spWp1iMBFh1hgfO04fX0tJR18qbK

Targets

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5092) files with added filename extension

      This suggests ransomware activity of encrypting all the files on the system.
