General

  • Target

    7e70754070a194ddbaeb7bb830aac040f676bc9b2aa1a5022e36c8c97c212da2

  • Size

    152KB

  • MD5

    d3d0b83acb1010b38bd7b4c9c6d2a4c9

  • SHA1

    44af10e830257831f5ea90be0c74fc0b1fa43510

  • SHA256

    7e70754070a194ddbaeb7bb830aac040f676bc9b2aa1a5022e36c8c97c212da2

  • SHA512

    562fc402f086946c40d14ae0a684db35b9f6a7bf24d6d74c17c9a05a194d3f4fabddda0e2f6f24cbadb63f74d5beb9e52933492cbabda128dd665373e7dbb807

  • SSDEEP

    3072:spWpkqcPZkxjRbMl2k7ueySZl/L52hRDdfYh6qtz7wqLTfzv/q:NWNZkxB82k7uRST/2RDdAh5lRLLu

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7e70754070a194ddbaeb7bb830aac040f676bc9b2aa1a5022e36c8c97c212da2
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

