General
-
Target
8d80647e2410b14956267e990c6a8f1546738bd63ef99ec819d9d03b95656af1
-
Size
69KB
-
Sample
250529-j7tjvsep2v
-
MD5
5ed1ec9827dbd9524e2d0ef0bae0133d
-
SHA1
2f97924b1c0224b9441abd52a028bc36a1ed9dd5
-
SHA256
8d80647e2410b14956267e990c6a8f1546738bd63ef99ec819d9d03b95656af1
-
SHA512
35560cde32c9f46055ff25b65340eb617eb8346fa640817ed9dd806219331906f8cea781462a5f3b60de049a5dcef798c86f843f4243f9ab3e897428701dbb41
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOrZkZ/7M4VZ4FLz8ae+rOn8ae+rOrZkZ/7M4T:s7ZppApdII1GQ4VGII1GQ4T
Behavioral task
behavioral1
Sample
8d80647e2410b14956267e990c6a8f1546738bd63ef99ec819d9d03b95656af1.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
8d80647e2410b14956267e990c6a8f1546738bd63ef99ec819d9d03b95656af1
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5180) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-