General
Target: ba0d6f550fc0bb434751b7520e55e3bab7dae9a2b6abc7eb1b0b9028673fda56
Size: 133KB
Sample: 250529-ra2szacp6z
MD5: f804ed7c09ac5779de2af8dfde62d6dc
SHA1: b675a5dadc8044e7a48733a7efb9fee7d0bc84de
SHA256: ba0d6f550fc0bb434751b7520e55e3bab7dae9a2b6abc7eb1b0b9028673fda56
SHA512: ec716ded4ec2b45d77ef9c805d263e99cc0d36b527c25ef60d61c5c458658124716847ffb80e2a4ef376f52bf4bdcd47b47e4e3bb6f792551b6ac2a39462b959
SSDEEP: 1536:s7ZppApdIIXJUDJUzreQvow2GIIXJUDJUzreQvowc:spWp1reVwDreVwc

Behavioral task: behavioral1
Sample: ba0d6f550fc0bb434751b7520e55e3bab7dae9a2b6abc7eb1b0b9028673fda56.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (4738) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.