General
Target: 825d6f8ef56b92d61aaa631111066410870bab73ecc54c2db8958d5fd7e64a73
Size: 51KB
Sample: 250529-jbmfnsel8t
MD5: 47f70202906aea5acb3abea8ee5a505c
SHA1: b1b4f88a5f704dc571e67c565cafa264a1b5642b
SHA256: 825d6f8ef56b92d61aaa631111066410870bab73ecc54c2db8958d5fd7e64a73
SHA512: 1093daf2f9cefffd2bee0893d06524595ddb8cd9eca648efea15f974c3cdc44dae601082217a5c8c988501eb3a08d1058e327a2bdcc089f246af9cf12d6b5812
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJh7HJ0muigiyAb6YgHPc67PA4OM1fr:s7ZppApdIIoJhiJh/uiwAkkSOkfr
Behavioral task: behavioral1
Sample: 825d6f8ef56b92d61aaa631111066410870bab73ecc54c2db8958d5fd7e64a73.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Target: 825d6f8ef56b92d61aaa631111066410870bab73ecc54c2db8958d5fd7e64a73
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5201) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.