General
Target: 85f4289206333ea6963bcdb3a26c92861e560e8ec2574fc66ad098296a15d318
Size: 69KB
Sample: 250529-n5zejscn7v
MD5: a939963329792be46f92ef793b9b6c2d
SHA1: 927ba4b7cea32afca21862bf6837489c1cb5daea
SHA256: 85f4289206333ea6963bcdb3a26c92861e560e8ec2574fc66ad098296a15d318
SHA512: 7afc8e8d17cbb21d61f3643750269c1e74c3cb78051b6d0003309bec326b7e970d022f48a91c0b9053feb1178da59463475a10c1d3716b55f667de3b4b761410
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJhYx:s7ZppApdIIoJhiJhYx
Behavioral task: behavioral1
Sample: 85f4289206333ea6963bcdb3a26c92861e560e8ec2574fc66ad098296a15d318.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Target
85f4289206333ea6963bcdb3a26c92861e560e8ec2574fc66ad098296a15d318
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5060) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.