General

  • Target

    0d14960e6b013659736bf98f6554b0d0a4891031a92dc8246233f427f64767b6

  • Size

    25KB

  • Sample

    250529-n7czbs1wbv

  • MD5

    fcd15511ba50c6c59efef7a352352329

  • SHA1

    ef1c38322fb9bdc6ba5f2e10ac2bfc7844ecc8a4

  • SHA256

    0d14960e6b013659736bf98f6554b0d0a4891031a92dc8246233f427f64767b6

  • SHA512

    11cdb9f20f065494989ee91b19122d42a57a0fdd9e145e637418eb75e889fde809f7adb6e760481d2c7560548f09f0f11931d42aca034f424842a260fe08e1e9

  • SSDEEP

    768:uZ4FLz8ae+rOn8ae+rOHPRPq+BSBmBCUK9+BSBmBCUKUgZgD:uGIIHp1MkPMkTgZgD

Targets

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5122) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.
