General
-
Target
36caa8bccfe1474a7aa5986d0cc0bf4599d91871ec204a3603e8bca5b6f33b98
-
Size
22KB
-
Sample
250529-j6lgvsen9z
-
MD5
2b02c06be4b53a283b03d31408d22659
-
SHA1
4037f8521da097cf180a0f75b937ca3095c7eec5
-
SHA256
36caa8bccfe1474a7aa5986d0cc0bf4599d91871ec204a3603e8bca5b6f33b98
-
SHA512
be9399bc6769e10f4ae7882299956f298a39932656d2329af57aa04c5c3670c6387b6bc3aac5f51db60ed52d2ae44669a89b82b874182ac0dd1d45f0a3aa65d8
-
SSDEEP
384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOdAwAJOgYAwAJOgTlZGlZo:s7BlpppARFbhdLz8ae+rOn8ae+rOewAZ
Behavioral task
behavioral1
Sample
36caa8bccfe1474a7aa5986d0cc0bf4599d91871ec204a3603e8bca5b6f33b98.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
36caa8bccfe1474a7aa5986d0cc0bf4599d91871ec204a3603e8bca5b6f33b98
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5332) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-