General
-
Target
10c83cec5bdb559132abe78821f2aa1a73c4e945af24c524f06bff7b71345fca
-
Size
27KB
-
Sample
250529-n69a5s1wax
-
MD5
7f5c1658cc1123a499a8d05e208b88ad
-
SHA1
eaae803f6c60f9bcf6f68c79d007ff35f96d917e
-
SHA256
10c83cec5bdb559132abe78821f2aa1a73c4e945af24c524f06bff7b71345fca
-
SHA512
3d280897eb42d776f3d4606297260f5517866808e4b2e630828b48d7c2395a69ca82e68194027681ce35860b153ce119166771e68c32a3f75c01ab726214c6b5
-
SSDEEP
384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOYE/AE/m4zftf6:s7BlpppARFbhdLz8ae+rOn8ae+rO+4I
Behavioral task
behavioral1
Sample
10c83cec5bdb559132abe78821f2aa1a73c4e945af24c524f06bff7b71345fca.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
10c83cec5bdb559132abe78821f2aa1a73c4e945af24c524f06bff7b71345fca.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
10c83cec5bdb559132abe78821f2aa1a73c4e945af24c524f06bff7b71345fca
-
Size
27KB
-
MD5
7f5c1658cc1123a499a8d05e208b88ad
-
SHA1
eaae803f6c60f9bcf6f68c79d007ff35f96d917e
-
SHA256
10c83cec5bdb559132abe78821f2aa1a73c4e945af24c524f06bff7b71345fca
-
SHA512
3d280897eb42d776f3d4606297260f5517866808e4b2e630828b48d7c2395a69ca82e68194027681ce35860b153ce119166771e68c32a3f75c01ab726214c6b5
-
SSDEEP
384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOYE/AE/m4zftf6:s7BlpppARFbhdLz8ae+rOn8ae+rO+4I
Score10/10-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5254) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-