General

  • Target

    2d060d99dfc780f3bbf8f833adb029eeb1ab1d30d59ae4af403d4bcb493894d8

  • Size

    71KB

  • MD5

    c9ab956edf13c45c7bdc61f6ed93342f

  • SHA1

    18d305389c686684e11ad9016332160a4e14a713

  • SHA256

    2d060d99dfc780f3bbf8f833adb029eeb1ab1d30d59ae4af403d4bcb493894d8

  • SHA512

    ae963d7c9133c7fa46e0500372ad2ee8a87720db7acb5f7eb37f38744f6f851cca62fc518881313f522c73c718a7a4e85811c4afee74d8d02ae16ed4d0f58714

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJhYytt:s7ZppApdIIoJhiJhYm

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2d060d99dfc780f3bbf8f833adb029eeb1ab1d30d59ae4af403d4bcb493894d8
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

