General
-
Target
05e788b8569e444ef54fa4bae699ba62fa26bd6c5510c4b54fb8fea50f8cecc7
-
Size
25KB
-
Sample
250605-h1rw1sdp5w
-
MD5
14ef783b895125d45b02dc6f1026ae3b
-
SHA1
023f0b0c9d0a979297c0c967bd338ae3631e4772
-
SHA256
05e788b8569e444ef54fa4bae699ba62fa26bd6c5510c4b54fb8fea50f8cecc7
-
SHA512
be238920333ca3b73230736b3d3dc3be71727dca1ad4c722845cc2568e8ef0bf27b7bb5cda74bb1c4d227c31c0df23b94392f8579474627d1719db1c522c199a
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOb83osGOUiuJtfosGOUiuJtr:s7ZppApdIIC0K
Behavioral task
behavioral1
Sample
05e788b8569e444ef54fa4bae699ba62fa26bd6c5510c4b54fb8fea50f8cecc7.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
05e788b8569e444ef54fa4bae699ba62fa26bd6c5510c4b54fb8fea50f8cecc7
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5127) files, adding a filename extension
This suggests ransomware activity, i.e. encryption of all the files on the system.
-