General
Target: dafb5ac1c6fd1f3b6d2e83f52d4d3ee75cad504b80a972310900e5b2c2d5ed6d
Size: 46KB
Sample: 250529-j51kdsen8z
MD5: 0f796a8b3aab03ae73eee25ced8edd29
SHA1: baab7d547d1d5dd8e2308e6cc0eda576787c242d
SHA256: dafb5ac1c6fd1f3b6d2e83f52d4d3ee75cad504b80a972310900e5b2c2d5ed6d
SHA512: 4f990fbd20284ed8b3ecf27145e75b9ff599af04ae53839a88fa85755e5d6a6563fa2f9872bf46455378ea6ef192cbcd9fa62d8c554b920c5cbc6a3c881d0fab
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQvqhs:s7ZppApdIIJQP+UDQvqhs

Behavioral task: behavioral1
Sample: dafb5ac1c6fd1f3b6d2e83f52d4d3ee75cad504b80a972310900e5b2c2d5ed6d.exe
Resource: win10v2004-20250502-en

Malware Config
Targets
Target: dafb5ac1c6fd1f3b6d2e83f52d4d3ee75cad504b80a972310900e5b2c2d5ed6d
Score: 10/10

Cosmu family
Detects Cosmu payload. Cosmu is a worm written in C++.

Renames multiple (5221) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.