General

  • Target

    2e8d90b61b615387f92e3a778e15d4051cecfce2e97d63e85146babe8314cba9

  • Size

    155KB

  • MD5

    12cdf927eb8ffd678c342e34817b85e4

  • SHA1

    566e35133dad5a82a7ea125d69647c86bfbf792f

  • SHA256

    2e8d90b61b615387f92e3a778e15d4051cecfce2e97d63e85146babe8314cba9

  • SHA512

    0df979577907610580e7c7f4c4b92d6ef31e006b214691416b9da841f119e0c8c1490b6bb5be0c6c6826258d6b40021c9b4e87a00a10725aed87c8e5e376521f

  • SSDEEP

    1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA60uXceS4JseKeFdasat:spWpsBsqrNkMzN0mx7Sr60ug4GF

Score
10/10

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2e8d90b61b615387f92e3a778e15d4051cecfce2e97d63e85146babe8314cba9
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

