General

  • Target

    31219bb50eca7514d0043992615702d4beef2ded95f668edaca1e8a92905208a

  • Size

    79KB

  • MD5

    6a43f3c8567cca14b422a3fe1b3b5a07

  • SHA1

    a16d10ded5e5cb3781c6f066db83370603b986b7

  • SHA256

    31219bb50eca7514d0043992615702d4beef2ded95f668edaca1e8a92905208a

  • SHA512

    40523062a4ccee23e61724967aa1139723ed3dc75ec97c9da9431fb77c82665d52aaad97f0dc4b5d87bbc0d7e219d2ddc90628e738ed1f7b6dd534da7774fc12

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJhYueGJhzAEaSXmlOT:s7ZppApdIIoJhiJhYueBFJlOT

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 31219bb50eca7514d0043992615702d4beef2ded95f668edaca1e8a92905208a
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections