General

  • Target

    da3aac9e5bbabfadd5fcfa5169dc151e4be023f88c8f39260cfda6284a0b9ce5

  • Size

    99KB

  • MD5

    2a613767e1bb05dc94ad3cb216e2c243

  • SHA1

    4a75bf8843c50508b890983cdb011a937cb28f6c

  • SHA256

    da3aac9e5bbabfadd5fcfa5169dc151e4be023f88c8f39260cfda6284a0b9ce5

  • SHA512

    44df6dd3c06c50c7db8a8513a6fc77b784c05ba0100f4ecfcaf01d64720db0cb5e87425113322cdc6f5de2d5a95e9c0a5fa4feefed065cc92b41b83b78cb568d

  • SSDEEP

    1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA6P:spWpsBsqrNkMzN0mx7Sr6P

Score
10/10

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • da3aac9e5bbabfadd5fcfa5169dc151e4be023f88c8f39260cfda6284a0b9ce5
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

