General
-
Target
56e0690b0c051d367ed0f6bfe7c33714c8bcfd82a8085d417829c053ea22562b
-
Size
28KB
-
Sample
250529-n7q6ys1wby
-
MD5
dc32a039d62af5d9df8f34282e98e071
-
SHA1
5d8253204380187d24c6104809d282ea46cd79db
-
SHA256
56e0690b0c051d367ed0f6bfe7c33714c8bcfd82a8085d417829c053ea22562b
-
SHA512
a7db61c3b67617afb63d9f08ef7ea52dcdbd4f9d856636f133bffb65f7afdb8e93796eaf1ca5c21ea1f5f4afde1ff8ee0223deb36414763c096c60143e2ee891
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOoJhiJhREOcqEOcG:s7ZppApdIIoJhiJhRpHpr
Behavioral task
behavioral1
Sample
56e0690b0c051d367ed0f6bfe7c33714c8bcfd82a8085d417829c053ea22562b.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
56e0690b0c051d367ed0f6bfe7c33714c8bcfd82a8085d417829c053ea22562b.exe
Resource
win11-20250502-en
Malware Config
Targets
-
Target
56e0690b0c051d367ed0f6bfe7c33714c8bcfd82a8085d417829c053ea22562b
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5272) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-