General

  • Target

    60ff2e2c618390b9b37e8722df41a356096088e6d456f9028d2578d77bcc7b55

  • Size

    27KB

  • MD5

    cbd64e1517bc97367d6a060054438dad

  • SHA1

    1e3c439611c0bc0aa82eb91d24b4d2fb98885381

  • SHA256

    60ff2e2c618390b9b37e8722df41a356096088e6d456f9028d2578d77bcc7b55

  • SHA512

    22f628136afe53aa2c2a601cdf9aac809fece970ae0398d8110b56879b46cfe57ee3d4d2ce20ead25215b72610a3296e6b26739102d6306cfe4d08b1246fdc25

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOb83656yoNUOIiJfoNUOIiJ2:s7ZppApdIIPMD4Y

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 60ff2e2c618390b9b37e8722df41a356096088e6d456f9028d2578d77bcc7b55
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections