General

  • Target

    420dff3765d823584ac2d91c17d3f03103b89fdc1c30993c6a4834bc976ba761

  • Size

    38KB

  • MD5

    aede2dfb077f70e26175c5e385378632

  • SHA1

    5f2218409dae60500b8ee6f6f0e186245b5a2348

  • SHA256

    420dff3765d823584ac2d91c17d3f03103b89fdc1c30993c6a4834bc976ba761

  • SHA512

    e20873343a4d1d65f6a90a1e8e6d32ff45971d7a9370054812aa3822a6d8f05b111f6ede16aac5b01ccae8e6a62e6b089a285921b2e29da8d3b64cce6a25f1b1

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQvu:s7ZppApdIIJQP+UDQvu

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 420dff3765d823584ac2d91c17d3f03103b89fdc1c30993c6a4834bc976ba761
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections