General

  • Target

    684b848e80e4c95ecb7f2b390d64cc8564219ff506492d64a5d82af7eb911130

  • Size

    33KB

  • MD5

    9e694f8ce782f063a8e2db0e0ca14bcf

  • SHA1

    747ee307b9b4f1f09e200c92f303501ceba0b7ce

  • SHA256

    684b848e80e4c95ecb7f2b390d64cc8564219ff506492d64a5d82af7eb911130

  • SHA512

    5af5bc153e38edd80296b595b5acc9c855dee141dd8a4fd0620800b3b6203f21a56fba532295aa54a754a50072334f89ec5452b5f80b22eac38903ad435690fd

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rO+4500n1kJ00n1k+qAEJBqAEJb:s7ZppApdII+49101d

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 684b848e80e4c95ecb7f2b390d64cc8564219ff506492d64a5d82af7eb911130
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

