General

  • Target

    59b2f69e78dda87f83f15f064a25e40551c62878cebfc66e541f6bd79e67d42d

  • Size

    133KB

  • MD5

    d01f29ca822ea6d0b65d4997aa8252a9

  • SHA1

    e3800ae952beed650dd328008460d730395d21f7

  • SHA256

    59b2f69e78dda87f83f15f064a25e40551c62878cebfc66e541f6bd79e67d42d

  • SHA512

    b2614f72ab9299e3bff94e6a2c8684d8733d4373c67b2d3b254f257109d25044d9eb392478c9efa708b00492f36f51c2faec70a6ab7c5bf334dbb8d845e2a6a7

  • SSDEEP

    1536:s7ZppApdIIXJUDJUzreQvow2GIIXJUDJUzreQvowe:spWp1reVwDreVwe

Score
10/10

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 59b2f69e78dda87f83f15f064a25e40551c62878cebfc66e541f6bd79e67d42d
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

