General
-
Target
614d313e3362c99a45466c2bda6977a0a80d719e23bd3f5d2ae5065ff375249a
-
Size
6.8MB
-
Sample
250529-q9541asvaw
-
MD5
1555e426aab77276f166701e4ac2c821
-
SHA1
f35b7099a1135df9d6f3b2155af7efc4a9b85121
-
SHA256
614d313e3362c99a45466c2bda6977a0a80d719e23bd3f5d2ae5065ff375249a
-
SHA512
1b9f04480a4689643e1ea7eb05e0b68cb445a4770229cc0e6e220c47d4cbeb30242dba01c8654659542eaa3c6ea15f5fbffcc4f388c860248eee22af68a83ab5
-
SSDEEP
196608:l0eo1Kv/Ad0hvEB9iOuCPEPAJZ0e/tHLuuwrf1/WsL/po:l0H1sREB9iHCPEIJZ0e/tHLuuwb1/Wsi
Static task
static1
Behavioral task
behavioral1
Sample
614d313e3362c99a45466c2bda6977a0a80d719e23bd3f5d2ae5065ff375249a.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
614d313e3362c99a45466c2bda6977a0a80d719e23bd3f5d2ae5065ff375249a.exe
Resource
win11-20250502-en
Malware Config
Targets
Target
614d313e3362c99a45466c2bda6977a0a80d719e23bd3f5d2ae5065ff375249a
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (372) files with added filename extension
This suggests ransomware activity, encrypting all the files on the system.
-