General

  • Target

    6f977507c2351c072005e4d0e5a2d07b262b25b239f326cebf5931870b24f740

  • Size

    124KB

  • MD5

    712e8e248eadcadea6c4066912f56eee

  • SHA1

    ce907cf7953845c635e80a53dea37413d1d321bf

  • SHA256

    6f977507c2351c072005e4d0e5a2d07b262b25b239f326cebf5931870b24f740

  • SHA512

    abd96f7f352f5612bf54edf3c32a0137990bcfad5a0a585467ce7140183a3f4ebb14f2a2d5e07c9b26c56e2624702dfe262f0e2bdcbf9e0babcde1d4d20c90d6

  • SSDEEP

    1536:s7ZppApdIIoJhiJhY3QICr7dG2JAh8Sh8Ge+AeQ7w9yyV8gcO:spWpYHySeA

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6f977507c2351c072005e4d0e5a2d07b262b25b239f326cebf5931870b24f740
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections