General
-
Target
687b6e6cc190a48a55f15648dd5be676b8bc94e56f54989ecf664983b3613a66
-
Size
513KB
-
Sample
250529-n7cnkacn7z
-
MD5
256219536689be0d03bcdb1f95ed6e61
-
SHA1
fe0771c3b7051976393a468326dc5fc301343b31
-
SHA256
687b6e6cc190a48a55f15648dd5be676b8bc94e56f54989ecf664983b3613a66
-
SHA512
a8e2d69df1efc77ceb8a7a28ab2f1e7d48c48ff2c431d95e9afdf4ad7d1fc62f5d20a712330fbd90defa5fe64a93c30114d4d052d80819ea7aecd2c1cd55dbce
-
SSDEEP
6144:NKGPFZZgZZ6ZZZNqrZZ026kZZZsMLZZZ2qwmmmEmm8nmmmmmmmmL+zFmmmP3Jsyi:kuWvuyaxKT9512
Behavioral task
behavioral1
Sample
687b6e6cc190a48a55f15648dd5be676b8bc94e56f54989ecf664983b3613a66.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
687b6e6cc190a48a55f15648dd5be676b8bc94e56f54989ecf664983b3613a66
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (3983) files with added filename extension
This suggests ransomware activity: encrypting all the files on the system.
-