General
-
Target
3acc149908dd512e8c081cdd336d312d01fbbe9998ce07cc0cdf8c974f585537
-
Size
86KB
-
Sample
250529-n7qkes1wbx
-
MD5
b83d5a7a16bcd319264d0bf768df6d08
-
SHA1
a15fd7c586bd3621da2dc6aaac1529923b91f5f3
-
SHA256
3acc149908dd512e8c081cdd336d312d01fbbe9998ce07cc0cdf8c974f585537
-
SHA512
9ba98fdd4cb3c6b43947444755f4c6b87ed38e6f3e088e3ee5a8c1f477122d2eeb7032b6411923139dfaf3cb5759c54b75c5a36b2561f1d9bfd4587ea673a591
-
SSDEEP
1536:s7ZppApdIIFJtK9EJSKRVzutQ28svrdwTaxFiD:spWp9t4EJSSVzui2xnA
Behavioral task
behavioral1
Sample
3acc149908dd512e8c081cdd336d312d01fbbe9998ce07cc0cdf8c974f585537.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
3acc149908dd512e8c081cdd336d312d01fbbe9998ce07cc0cdf8c974f585537.exe
Resource
win11-20250508-en
Malware Config
Targets
-
Target
3acc149908dd512e8c081cdd336d312d01fbbe9998ce07cc0cdf8c974f585537
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5104) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-