General
-
Target
f96648ab821db74e270d73cbcd88549ad7354ff6e9102992154504cbef4b35d6
-
Size
91KB
-
Sample
250605-h44d8adq4x
-
MD5
1ddf481c74ac1e683db67cba6967a63d
-
SHA1
ec595f65ae7b4a278dc41a7afd72e85029fc4d0f
-
SHA256
f96648ab821db74e270d73cbcd88549ad7354ff6e9102992154504cbef4b35d6
-
SHA512
a73c79a72f4091b026e0bc45408cc0a01b4f771d94d75d33a85950b2ae09e7fc550a21f419bacd5b58672a566558b0becfc8ac51115917d90596308b40ecb015
-
SSDEEP
1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA6s:spWpsBsqrNkMzN0mx7Sr6s
Behavioral task
behavioral1
Sample
f96648ab821db74e270d73cbcd88549ad7354ff6e9102992154504cbef4b35d6.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5039) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-