General
Target: 6eab9e511112eca0040d88d594f23a1590328184f296ebdd20173d0460a329c0
Size: 69KB
Sample: 250529-n6zrps1p15
MD5: a429282c372d93ffc2f233c58f32d123
SHA1: 2b18fe830bbe9a25049b559ffb0e091a232fe67c
SHA256: 6eab9e511112eca0040d88d594f23a1590328184f296ebdd20173d0460a329c0
SHA512: 6bc32caca765d59c183fb69dad09a8f6171f4eb73cf13cca17163742c2a64493f0f29161f61b3adc69ef070c50124c580f71c14e05983df70c2e20ddcc7f132e
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJhYnw:s7ZppApdIIoJhiJhYw
Behavioral task: behavioral1
Sample: 6eab9e511112eca0040d88d594f23a1590328184f296ebdd20173d0460a329c0.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 6eab9e511112eca0040d88d594f23a1590328184f296ebdd20173d0460a329c0.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: 6eab9e511112eca0040d88d594f23a1590328184f296ebdd20173d0460a329c0
Score: 10/10
Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5122) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.