General

  • Target

    256b244320bdb456feb3bccac7cd870698b1fa53b1fd32b39f02e03003284b75

  • Size

    19KB

  • MD5

    32659ccf24b8bacc1e9e9d369a81b3e7

  • SHA1

    c091ca4860be26d14f7b950dec7ec504747a633f

  • SHA256

    256b244320bdb456feb3bccac7cd870698b1fa53b1fd32b39f02e03003284b75

  • SHA512

    06bbd263b9cc6a4b75085f7c5378aa40f81cee99a130b54cf4a44f0831ae7bc97eca0c6c7ddd34ea10740cb88ae62cef1269f2f53cf99571b7a24de2eccfc425

  • SSDEEP

    384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOW:s7BlpppARFbhdLz8ae+rOn8ae+rOW

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 256b244320bdb456feb3bccac7cd870698b1fa53b1fd32b39f02e03003284b75
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

