General
-
Target
d7d2d8f78704bf005eb0be0a29f01095bfa6aa73ac28544c9e585e26ed033d03
-
Size
31KB
-
Sample
250529-rceq8asvev
-
MD5
7029c414207926e9aacdbae0ebee3247
-
SHA1
66a6eeef86fc0dcfad2d92bcd4454f6a28d335ed
-
SHA256
d7d2d8f78704bf005eb0be0a29f01095bfa6aa73ac28544c9e585e26ed033d03
-
SHA512
aa4e867b8b04afd7f06b978cef4eb5a41d62ecf5bf3ac8d1215a5e07402e70a56b460ed86a55d64615ce4b0db4fe69f0e9663c5ab3d7a9dcab749044f0faf8e6
-
SSDEEP
384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOYE/AE/m45gv:s7BlpppARFbhdLz8ae+rOn8ae+rO+44
Behavioral task
behavioral1
Sample
d7d2d8f78704bf005eb0be0a29f01095bfa6aa73ac28544c9e585e26ed033d03.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
d7d2d8f78704bf005eb0be0a29f01095bfa6aa73ac28544c9e585e26ed033d03.exe
Resource
win11-20250502-en
Malware Config
Targets
Target
d7d2d8f78704bf005eb0be0a29f01095bfa6aa73ac28544c9e585e26ed033d03
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5203) files, adding a filename extension
This suggests ransomware activity: encrypting all the files on the system.