General

  • Target

    5f3cf17b34e548cfb8b278909cb21cf7f555467f55ddf61f2b8060c3ea3e317d

  • Size

    74KB

  • MD5

    ae6adc166b89963f88bd0c6de1945c87

  • SHA1

    2573e21d5fc2c8cb9648da8bb0a49997e4a113cb

  • SHA256

    5f3cf17b34e548cfb8b278909cb21cf7f555467f55ddf61f2b8060c3ea3e317d

  • SHA512

    6bef7966409a5626d2e2e8b3d2fec6f6abb2eb76e67b92fedc141f6b965de8b0dfe0a9860e09ccb1fd5ffff765c80ff27a23a3a7a6885107b3b079e72e32eb40

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOCZ4FLz8ae+rOn8ae+rOx7BlpppARFbhdLz8E:s7ZppApdIICGIIx7ZppApdIICGIIp

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5f3cf17b34e548cfb8b278909cb21cf7f555467f55ddf61f2b8060c3ea3e317d
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections