General

  • Target

    2e1f586697c83304478107b3553d5bc87f86833676fb84c2dcb837358369aaa5

  • Size

    38KB

  • MD5

    ffe5d3a78b5d45ba66dc102388e5b6ca

  • SHA1

    adb6b804e04f17ebf99e916fa0ace43fbcbf1bb2

  • SHA256

    2e1f586697c83304478107b3553d5bc87f86833676fb84c2dcb837358369aaa5

  • SHA512

    80a5365df056a45816704035daef2f8cb9500a7259b4ec2ccd4f288303624dd34e8cc48738c4b7e19f78fed5f8a7d769ffe94fd2767e1fd450f9a578e0375a58

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOfXqJ7gJ7ITr:s7ZppApdIISJ7gJ7c

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2e1f586697c83304478107b3553d5bc87f86833676fb84c2dcb837358369aaa5
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

