General
Target: a4bc781e004a23884d16d0ac5da671655a322656f2a2c9925bcc4fed42e02de9
Size: 40KB
Sample: 250529-rb8mxasvdv
MD5: 71678f7d1374f33d5b0360f3937c0b85
SHA1: 6f1e1dbe15689119daecce7097769e1b9c33aca5
SHA256: a4bc781e004a23884d16d0ac5da671655a322656f2a2c9925bcc4fed42e02de9
SHA512: 700364913787d051541f15207142b8c49d4fa94c8ab13f8f1f91b95f72333cb8138bbf009965b889df41b1db621a73017afb4fc77a76987888fa78c49f7ac7af
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rO+4500n1kJ00n1kU:s7ZppApdII+49101F
Behavioral task: behavioral1
Sample: a4bc781e004a23884d16d0ac5da671655a322656f2a2c9925bcc4fed42e02de9.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: a4bc781e004a23884d16d0ac5da671655a322656f2a2c9925bcc4fed42e02de9.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: a4bc781e004a23884d16d0ac5da671655a322656f2a2c9925bcc4fed42e02de9
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5213) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.