General
-
Target
763475916480ade53ccfe071e718904d16ad5880fcdc12db415bc04a2e933fd5
-
Size
80KB
-
Sample
250529-lzrreazyay
-
MD5
624c5c8c99e2ba380adeb8a27215a05c
-
SHA1
4a29d2a5626d2ebde027ed3d485ccd6b637b41fe
-
SHA256
763475916480ade53ccfe071e718904d16ad5880fcdc12db415bc04a2e933fd5
-
SHA512
ca71c56f657acd31ad9807be70cbd3931d700fa5db564daff13eb351bf90406cece3f15206eab88401b5daeb72be52b00fb1c4822a79b4f3122402914a56660c
-
SSDEEP
1536:s7ZppApdII1GeFGFBYythAYythBGII1GeFGFBYythAYythM:spWpshUhFhUhM
Behavioral task
behavioral1
Sample
763475916480ade53ccfe071e718904d16ad5880fcdc12db415bc04a2e933fd5.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
763475916480ade53ccfe071e718904d16ad5880fcdc12db415bc04a2e933fd5.exe
Resource
win11-20250508-en
Malware Config
Targets
Target
763475916480ade53ccfe071e718904d16ad5880fcdc12db415bc04a2e933fd5
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5036) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-