General
-
Target
730bf38413b9c2eb063b8542e0d509ac17a7d8af52d58056aedd7856dc53e1b7
-
Size
60KB
-
Sample
250529-rag4kasvbx
-
MD5
6d51806b29fbdcf534cd53dd3ccc1e40
-
SHA1
aaa5d123e0b3f4485a0369a5bbc8801521fd2cc9
-
SHA256
730bf38413b9c2eb063b8542e0d509ac17a7d8af52d58056aedd7856dc53e1b7
-
SHA512
f50099b94537cd8276b636f96885b236fa03b4c201dd0ea4591c3f489aa1d8c55a5355ebe6b59f00774dcca8baa20fb16e42458d035eb166ff3d4a3db4534658
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rOfXysyIsPLWrCQ6zTdexqzVwiidmVB2jL+SHZ8UB:uGIINlsPKe9Tdxz2dmn2ja+ZhB
Static task
static1
Behavioral task
behavioral1
Sample
730bf38413b9c2eb063b8542e0d509ac17a7d8af52d58056aedd7856dc53e1b7.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
730bf38413b9c2eb063b8542e0d509ac17a7d8af52d58056aedd7856dc53e1b7.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
730bf38413b9c2eb063b8542e0d509ac17a7d8af52d58056aedd7856dc53e1b7
Score: 10/10
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5173) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-