General
-
Target
44b80470b9b505d0e93241c5299b6d71b26b528995d01254ce4ed39a2081e971
-
Size
24KB
-
Sample
250529-n7laps1wbw
-
MD5
a13a3a87c27bcda6506ece95ff719fba
-
SHA1
7a60a8f504373c2235ec5950fcce3a43a39febc9
-
SHA256
44b80470b9b505d0e93241c5299b6d71b26b528995d01254ce4ed39a2081e971
-
SHA512
93404f98d6e24809858cf1b54077c248cac5cfff30d94ddab847e4c0f31fec51d4a43fb6001aa443e1518bb0731de1b55309475c3a74c4f2550cfb5cb53486a7
-
SSDEEP
384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOr9NNV5H/V31:s7BlpppARFbhdLz8ae+rOn8ae+rOZ
Behavioral task
behavioral1
Sample
44b80470b9b505d0e93241c5299b6d71b26b528995d01254ce4ed39a2081e971.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
44b80470b9b505d0e93241c5299b6d71b26b528995d01254ce4ed39a2081e971.exe
Resource
win11-20250502-en
Malware Config
Targets
-
Target
44b80470b9b505d0e93241c5299b6d71b26b528995d01254ce4ed39a2081e971
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5306) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-