General

  • Target

    28c985e09a5844317c11719cb45e2cdb7e59aace44f368d17b5093699cf70a1f

  • Size

    34KB

  • MD5

    c723f0584ef526efa1f1eaea94df14d8

  • SHA1

    b984a485db4a2f68effbe007c5f78585ddc53b0a

  • SHA256

    28c985e09a5844317c11719cb45e2cdb7e59aace44f368d17b5093699cf70a1f

  • SHA512

    ac3db58129c3e04a214ef3deee51a01bb2298523979724e1ddbd27a3ffc46bc5851301226592539453ff7f245a66c7d15e34a0751d360f94ddda69f2ef022bb9

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rO+4500n1kJ00n1khxhxz:s7ZppApdII+49101az1

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 28c985e09a5844317c11719cb45e2cdb7e59aace44f368d17b5093699cf70a1f
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

