General
Target: 6de3682eeeefa659273d6c8d4944c8a686947e2d68e4e453af4aac6525acd6b8
Size: 22KB
Sample: 250529-j9nfmazlt6
MD5: 0d784a1fec5fc175fa62d78707a0ddbc
SHA1: 9c4c42906f5ec4e7fac4c7073d7a15dc5b88cbf7
SHA256: 6de3682eeeefa659273d6c8d4944c8a686947e2d68e4e453af4aac6525acd6b8
SHA512: 1dac7afd0008e1a949cb799bd99d59701d142981f41c0442d7cf379406e48e8a592486386386f1c4b857d28fd6ed4293e7c9afd6a8180daee9e41e9f9b706a57
SSDEEP: 384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rO3ILAqAJOzAqAJOV:uZ4FLz8ae+rOn8ae+rO3IMqAJ/qAJA
Static task: static1
Behavioral task: behavioral1
Sample: 6de3682eeeefa659273d6c8d4944c8a686947e2d68e4e453af4aac6525acd6b8.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 6de3682eeeefa659273d6c8d4944c8a686947e2d68e4e453af4aac6525acd6b8.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: 6de3682eeeefa659273d6c8d4944c8a686947e2d68e4e453af4aac6525acd6b8
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5287) files with added filename extension
This suggests ransomware activity, encrypting all the files on the system.