General
Target: 418eca04fbb1e73c6e32da06970abcdcfc106ced320f6ae9e3d0387c6b3bb11c
Size: 95KB
Sample: 250605-h1f5hstns3
MD5: 682a21a8af2d77d73f5d3e3e857eaffe
SHA1: dd2f2ce011e2c40f720662ef6310f0870907c5d5
SHA256: 418eca04fbb1e73c6e32da06970abcdcfc106ced320f6ae9e3d0387c6b3bb11c
SHA512: ae939fcf626ccbc0852444e358a18f1781a8a4dfe77c48e25e99b8a9f52a86527fff2c6df5e6fe4fc964dd61b2cc07a17e510aff8480c209488dc970fee4281d
SSDEEP: 1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA6m:spWpsBsqrNkMzN0mx7Sr6m
Behavioral task: behavioral1
Sample: 418eca04fbb1e73c6e32da06970abcdcfc106ced320f6ae9e3d0387c6b3bb11c.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 418eca04fbb1e73c6e32da06970abcdcfc106ced320f6ae9e3d0387c6b3bb11c.exe
Resource: win11-20250502-en
Malware Config
Targets
Target
418eca04fbb1e73c6e32da06970abcdcfc106ced320f6ae9e3d0387c6b3bb11c
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (4844) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.