General
Target: b72b6029deff0b84a67ac2a5f2b47ac744b8a71e9ee72a858aae41fca8dfbd69
Size: 60KB
Sample: 250605-h3cj4sttby
MD5: 09b9c5436812cc27261aa62ee0c42bac
SHA1: 7c9ac77278d4d5c7d13b5228d4bd492c8d9d7f0e
SHA256: b72b6029deff0b84a67ac2a5f2b47ac744b8a71e9ee72a858aae41fca8dfbd69
SHA512: 71a03b6557fbeeece6a83ebc32ce744a7493494944bace3f8b4e4000fcf0d1aeb921c84f34c8f214faf5a4f55ff3b8b1865d0ee3654b325c82e776f94e82913d
SSDEEP: 1536:s7ZppApdIIC0/h1HgzohpI5BsKvYFW+W7NmYtV:spWpI0/hhqeCBuCmM
Behavioral task: behavioral1
Sample: b72b6029deff0b84a67ac2a5f2b47ac744b8a71e9ee72a858aae41fca8dfbd69.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: b72b6029deff0b84a67ac2a5f2b47ac744b8a71e9ee72a858aae41fca8dfbd69.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: b72b6029deff0b84a67ac2a5f2b47ac744b8a71e9ee72a858aae41fca8dfbd69
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5183) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.