General

  • Target

    65349d39466a2429eb00219c14c4458691f35198423b5e6ee268eaeefb2e0c52

  • Size

    100KB

  • MD5

    01cdf80c07c90c2552680fefa2f96ca9

  • SHA1

    1106093e1e75637dee381dbf92dd5ff659101dfa

  • SHA256

    65349d39466a2429eb00219c14c4458691f35198423b5e6ee268eaeefb2e0c52

  • SHA512

    f8af356360c719884aa4e6d7e5fb727a10a5e2f1fb6643e5020f927867b5a9eac76f7d390d3872bfd759a2f805d2dc6345fa19258939e47e00c42668de0d9ea5

  • SSDEEP

    3072:spWpW+ocbmMSIBSFHQi8bLRCw/UnElCD+kffteA05afFk/cs2/w+0Yomxgr42v1J:Ngynx

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 65349d39466a2429eb00219c14c4458691f35198423b5e6ee268eaeefb2e0c52
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

