General
-
Target
97762e835be468433809e5897c0bdea94c0fe342ed253ad14786fa1fbd185483
-
Size
36KB
-
Sample
250529-j6aelaen9s
-
MD5
15a0ef9f153d59ff410cfac0d34f1c1f
-
SHA1
04ac959d991eeed8ff9e21d8f6ac9eaa3a532c4a
-
SHA256
97762e835be468433809e5897c0bdea94c0fe342ed253ad14786fa1fbd185483
-
SHA512
a1978538e5d24fc98f4e4f7ecc274d5469adf5b6cd05c0b7212865880535f5950d56345d48b9098fa9c1a64348b82e41936b32cf54ad6633a60728d572cb2d91
-
SSDEEP
384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOfijcijK2J7u82J7uFBlBb:uZ4FLz8ae+rOn8ae+rOfXqJ7gJ7ITh
Static task
static1
Behavioral task
behavioral1
Sample
97762e835be468433809e5897c0bdea94c0fe342ed253ad14786fa1fbd185483.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
97762e835be468433809e5897c0bdea94c0fe342ed253ad14786fa1fbd185483
Score 10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5242) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-