General
-
Target
2cbe21a0dfa9ad2024e815f72b259cde9bd0d42bd04032de7052f13053741588
-
Size
81KB
-
Sample
250529-q8lnzasthw
-
MD5
8c8b39ed113ea3cc18d4e49ff633a122
-
SHA1
d2a999ffb32cb3f2b12e7d92699661cf3ab5006e
-
SHA256
2cbe21a0dfa9ad2024e815f72b259cde9bd0d42bd04032de7052f13053741588
-
SHA512
b34cd227e15148dd1d506aa9be4f9238656ece89fd9b4db1c83a0bd06b840fd33f084615760e4f2d2cb9900d2b9d2442ca6c367e45bf5e87f01666e7513d399c
-
SSDEEP
1536:uGIINlsPKe9Tdxz2dmn2ja+ZhuB0PUb2+:LehXz2ja+PuiPUP
Static task
static1
Behavioral task
behavioral1
Sample
2cbe21a0dfa9ad2024e815f72b259cde9bd0d42bd04032de7052f13053741588.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
2cbe21a0dfa9ad2024e815f72b259cde9bd0d42bd04032de7052f13053741588.exe
Resource
win11-20250508-en
Malware Config
Targets
-
-
Target
2cbe21a0dfa9ad2024e815f72b259cde9bd0d42bd04032de7052f13053741588
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5035) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-