General
-
Target
a93dbd427a750eecbb215a8df92c4b74d4d5281864f2cc095e4bc1701819865d
-
Size
16KB
-
Sample
250529-rby4gasvcv
-
MD5
7f0dcf3ffea901d0b09dd7e914249dc0
-
SHA1
09b9cfe30dfd24fdf1a295daff5baa213def9033
-
SHA256
a93dbd427a750eecbb215a8df92c4b74d4d5281864f2cc095e4bc1701819865d
-
SHA512
0b240d3595b553ade2ec564bff927ac8df5c4a4b2c16f09fa298cc13f58ad0c89f2e86bc913befbbaf044e806cdd0227e238d19f3ef9d867870302381bf3e681
-
SSDEEP
384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rO8j7jD:uZ4FLz8ae+rOn8ae+rOE
Static task
static1
Behavioral task
behavioral1
Sample
a93dbd427a750eecbb215a8df92c4b74d4d5281864f2cc095e4bc1701819865d.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
a93dbd427a750eecbb215a8df92c4b74d4d5281864f2cc095e4bc1701819865d.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
a93dbd427a750eecbb215a8df92c4b74d4d5281864f2cc095e4bc1701819865d
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5284) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-