General
-
Target
a6b082961c74a04107ff2bb392dbfbbd2017116645751e53fc92d56976279584
-
Size
596KB
-
Sample
250529-ragssssvbv
-
MD5
1899fa03497c47ac2cd72677f3ad60e8
-
SHA1
ded5bc3c22ee32c23591576c1b032ced478a4ef2
-
SHA256
a6b082961c74a04107ff2bb392dbfbbd2017116645751e53fc92d56976279584
-
SHA512
e4eebc976b6a9d2c586f73c7fb5a1795b2259e11d88ee99cbe1da6fee54862abbd4248bac0b96a4c4e52b863bec2ef372f14b952bb1d2918511e9418adf5346d
-
SSDEEP
12288:Oi3yiHiNI3DPCRdM6UoVFFXJuLUtzpLG47F:O3iH/CR+E9h
Static task
static1
Behavioral task
behavioral1
Sample
a6b082961c74a04107ff2bb392dbfbbd2017116645751e53fc92d56976279584.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
a6b082961c74a04107ff2bb392dbfbbd2017116645751e53fc92d56976279584.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
a6b082961c74a04107ff2bb392dbfbbd2017116645751e53fc92d56976279584
Score 10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (2903) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-