General

  • Target

    48fcc0d0c84ae454ffc631274663046a7377e0765e407f73268d190f3ff64654

  • Size

    79KB

  • MD5

    25cbaade2ecdd1326806f57aa72d9457

  • SHA1

    586f408c97ca0d44e7788ace9e84a9ae123bd359

  • SHA256

    48fcc0d0c84ae454ffc631274663046a7377e0765e407f73268d190f3ff64654

  • SHA512

    a406f7c2c50342a610b163f6d3ddbef38483065a127a9b201395cd8e766dad1cde2bf5e17262a9e945956da161a88c2bf78de3b4d908fb6e4119291303e23d00

  • SSDEEP

    1536:s7ZppApdIIC0L/twzIzYKBIvubxJZ899OlxfANrWc/ZkgBZs:spWpI0L/tsI987OrfO6qy

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 48fcc0d0c84ae454ffc631274663046a7377e0765e407f73268d190f3ff64654
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections