General
Target
e3391f607a57100f41883112301d3e2629b7494703133618a16084b5e2f23bd0
Size
95KB
Sample
250605-h2zcgsdp7x
MD5
4f7095b0a0f1f173c99ef22aa5fd64cc
SHA1
8acf6eb0550db54e6c7c8d02eab20cca42ec1308
SHA256
e3391f607a57100f41883112301d3e2629b7494703133618a16084b5e2f23bd0
SHA512
5f9291fd927afaabbfc71e918ab1ca111f2e8de8b1e9b39180441e466704166c0946b3da9d710758f25844657e9e9823629dd08b5755958137e096db041284d8
SSDEEP
1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA6nQmJ0QmJo:spWpsBsqrNkMzN0mx7Sr6nQmJ0QmJo
Behavioral task
behavioral1
Sample
e3391f607a57100f41883112301d3e2629b7494703133618a16084b5e2f23bd0.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Target
e3391f607a57100f41883112301d3e2629b7494703133618a16084b5e2f23bd0
Score
10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5033) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.