General
-
Target
78bf26cf8e0919e011a8a52ece4fdd8d68d7d99930a7d14f94d3debd9bf6d0a3
-
Size
69KB
-
Sample
250529-n7ah7s1way
-
MD5
758e87f4f25429c8f6a9e1d9a4c0ddc9
-
SHA1
846f3cfa5282457b8447998d205c4f8c2b744e9d
-
SHA256
78bf26cf8e0919e011a8a52ece4fdd8d68d7d99930a7d14f94d3debd9bf6d0a3
-
SHA512
f76f94bea0c949436cfe94117df46f27befde2b8aa9edbe73991b693d284fe70959a9f0156df47e8ffa5850145049add30b997306dc0950a872effd5588cc19b
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJhYwoGvOiJ1IOiJfoGvOiJ1IOiJh:s7ZppApdIIoJhiJhYG121I
Behavioral task
behavioral1
Sample
78bf26cf8e0919e011a8a52ece4fdd8d68d7d99930a7d14f94d3debd9bf6d0a3.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
78bf26cf8e0919e011a8a52ece4fdd8d68d7d99930a7d14f94d3debd9bf6d0a3.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
78bf26cf8e0919e011a8a52ece4fdd8d68d7d99930a7d14f94d3debd9bf6d0a3
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5197) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-