General
Target: 84bea1bbfb8cb895d3bbf2bab9ac492bf6aa5ba5aadde53520bd5668b894edca
Size: 99KB
Sample: 250605-h1rk9atshx
MD5: 620b444b3e260a7c398ea9e6aba11e4c
SHA1: d673bbe21094fd887b2bd54e5d4c3916cdb61326
SHA256: 84bea1bbfb8cb895d3bbf2bab9ac492bf6aa5ba5aadde53520bd5668b894edca
SHA512: 3a1c73f5a1f80fe8d7cf7ecb458dea7a2982d18f0f9a11453b36e899ff1b85e8ea3820870947d1a8a6d3b18040f26df059a8c4faa3e5290821f2d54da4559cbf
SSDEEP: 1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA6A:spWpsBsqrNkMzN0mx7Sr6A
Behavioral task: behavioral1
Sample: 84bea1bbfb8cb895d3bbf2bab9ac492bf6aa5ba5aadde53520bd5668b894edca.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 84bea1bbfb8cb895d3bbf2bab9ac492bf6aa5ba5aadde53520bd5668b894edca.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: 84bea1bbfb8cb895d3bbf2bab9ac492bf6aa5ba5aadde53520bd5668b894edca
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5027) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.