General
-
Target
0d14960e6b013659736bf98f6554b0d0a4891031a92dc8246233f427f64767b6
-
Size
25KB
-
Sample
250529-n7czbs1wbv
-
MD5
fcd15511ba50c6c59efef7a352352329
-
SHA1
ef1c38322fb9bdc6ba5f2e10ac2bfc7844ecc8a4
-
SHA256
0d14960e6b013659736bf98f6554b0d0a4891031a92dc8246233f427f64767b6
-
SHA512
11cdb9f20f065494989ee91b19122d42a57a0fdd9e145e637418eb75e889fde809f7adb6e760481d2c7560548f09f0f11931d42aca034f424842a260fe08e1e9
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rOHPRPq+BSBmBCUK9+BSBmBCUKUgZgD:uGIIHp1MkPMkTgZgD
Static task
static1
Behavioral task
behavioral1
Sample
0d14960e6b013659736bf98f6554b0d0a4891031a92dc8246233f427f64767b6.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
0d14960e6b013659736bf98f6554b0d0a4891031a92dc8246233f427f64767b6.exe
Resource
win11-20250502-en
Malware Config
Targets
Target
0d14960e6b013659736bf98f6554b0d0a4891031a92dc8246233f427f64767b6
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5122) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-