General

  • Target

    bc714421b75f664311df6c8ddaaf8985bb175fa4e246257ceace4f0c9b037ca2

  • Size

    42KB

  • Sample

    250529-j6aelaen9t

  • MD5

    f693370267360e9f317e3ead10ba0f3d

  • SHA1

    7a832a19b8c3b7610c35d6001ceca1e18dae8ff3

  • SHA256

    bc714421b75f664311df6c8ddaaf8985bb175fa4e246257ceace4f0c9b037ca2

  • SHA512

    68e5d609a0114f4362ae2fda14cef04f8e2ecb6b761b94ff0a7de19e23dbed1704817cc58ae24f0e8a9eb844124abca0bb40d5e65c515ffd02b5528c687987ea

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQvqhu:s7ZppApdIIJQP+UDQvqhu

Malware Config

Targets

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5211) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.

MITRE ATT&CK Enterprise v16

Tasks