General
-
Target
bc714421b75f664311df6c8ddaaf8985bb175fa4e246257ceace4f0c9b037ca2
-
Size
42KB
-
Sample
250529-j6aelaen9t
-
MD5
f693370267360e9f317e3ead10ba0f3d
-
SHA1
7a832a19b8c3b7610c35d6001ceca1e18dae8ff3
-
SHA256
bc714421b75f664311df6c8ddaaf8985bb175fa4e246257ceace4f0c9b037ca2
-
SHA512
68e5d609a0114f4362ae2fda14cef04f8e2ecb6b761b94ff0a7de19e23dbed1704817cc58ae24f0e8a9eb844124abca0bb40d5e65c515ffd02b5528c687987ea
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQvqhu:s7ZppApdIIJQP+UDQvqhu
Behavioral task
behavioral1
Sample
bc714421b75f664311df6c8ddaaf8985bb175fa4e246257ceace4f0c9b037ca2.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5211) files with added filename extension
This suggests ransomware activity: encryption of all the files on the system.
-