General

  • Target

    241eafe0509458d94b68bff75fd8ad2c8d13e67bdcafe579ada2f7736c11a163

  • Size

    64KB

  • MD5

    f76ceb54bff59e4541d510966d158d6e

  • SHA1

    56c4adf27b959a5787bc26492a0ceca44ddabccc

  • SHA256

    241eafe0509458d94b68bff75fd8ad2c8d13e67bdcafe579ada2f7736c11a163

  • SHA512

    c9898096e88690bdbbdc573f1318aac62785785ba27a81efae3ebb3c4e04891566b571479d4a242e5479df30b5aa92e9cdcccbbfc421239b06b4cb9b32f96c55

  • SSDEEP

    1536:s7ZppApdII+49101NGII+49101t+ZGtK1+ZGtKP:spWpRGOGaZGtKgZGtKP

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 241eafe0509458d94b68bff75fd8ad2c8d13e67bdcafe579ada2f7736c11a163
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

