General
Target
5515a1eaf193a4cd99195140508dbe4858cbf424e502556d9e5b864d1f6cd1c6
Size
36KB
Sample
250529-n53f7scn7x
MD5
9857554d149c7ad3173a26eba707444d
SHA1
cf9c804ec46c37e7ba4daa6522e23831282f1afb
SHA256
5515a1eaf193a4cd99195140508dbe4858cbf424e502556d9e5b864d1f6cd1c6
SHA512
eef2675d5f592573f5a106bc4104c2835a4c6565a4b7fae1ffd5b6cf007ddd21f810af5cd1e90aa15d7cbf3920324222a3b62bfd171aefbdd249081de9c1fc63
SSDEEP
384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOr9NNV5H/V36aNQP+OKGDw9ce9cXLk:uZ4FLz8ae+rOn8ae+rO2aNQP+UDQvWLk
Static task
static1
Behavioral task
behavioral1
Sample
5515a1eaf193a4cd99195140508dbe4858cbf424e502556d9e5b864d1f6cd1c6.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Target
5515a1eaf193a4cd99195140508dbe4858cbf424e502556d9e5b864d1f6cd1c6
Score 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5209) files with added filename extension
This suggests ransomware activity, encrypting all the files on the system.