General

Target: 0a12f5cdce954dc4eaca8b1454ee36a1b228a8e6b933d0f8f0784cbe3829e53d
Size: 69KB
Sample: 250529-lzscyazq14
MD5: 1395b4a04e2b021326eb9fa5113cc35c
SHA1: 8d6f12857aba601dd5eb947899fe5faf6383a27c
SHA256: 0a12f5cdce954dc4eaca8b1454ee36a1b228a8e6b933d0f8f0784cbe3829e53d
SHA512: c373a060250ab52ad64cd9cc0791cd7332ea9937c0a741e47e22cab16d09e7bb81211ada5bd6d1bf702809fb39a55c4fddd92179f9df9cb4388319fcb35a9ddf
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJhYL:s7ZppApdIIoJhiJhYL

Behavioral task: behavioral1
Sample: 0a12f5cdce954dc4eaca8b1454ee36a1b228a8e6b933d0f8f0784cbe3829e53d.exe
Resource: win10v2004-20250502-en

Behavioral task: behavioral2
Sample: 0a12f5cdce954dc4eaca8b1454ee36a1b228a8e6b933d0f8f0784cbe3829e53d.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: 0a12f5cdce954dc4eaca8b1454ee36a1b228a8e6b933d0f8f0784cbe3829e53d
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5128) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.