General
-
Target
6cfe052b6f4b2dd0f4906af5cf20192bc62deced2d3af7e79eea5f2fd761d74d
-
Size
74KB
-
Sample
250529-j74d3azls2
-
MD5
1b8b095bfa5a58b041167c4aa5a3b460
-
SHA1
4c7affbb9fed821f1f292acb5240150df9d0b5cd
-
SHA256
6cfe052b6f4b2dd0f4906af5cf20192bc62deced2d3af7e79eea5f2fd761d74d
-
SHA512
2fc1c95450052d7f6eabeeda79a54e33fd082634c6106304cf8d9239752ec825b76117c319cbcdc7018851bf725b0b130914d2ac6805a948a4dfbcdc22093b8d
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQv7eZ4FLz8ae+rOn8ae+rO2aNQPO:s7ZppApdIIJQP+UDQvqGIIJQP+UDQvN
Behavioral task
behavioral1
Sample
6cfe052b6f4b2dd0f4906af5cf20192bc62deced2d3af7e79eea5f2fd761d74d.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
6cfe052b6f4b2dd0f4906af5cf20192bc62deced2d3af7e79eea5f2fd761d74d.exe
Resource
win11-20250508-en
Malware Config
Targets
-
Target
6cfe052b6f4b2dd0f4906af5cf20192bc62deced2d3af7e79eea5f2fd761d74d
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5135) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-