General
-
Target
88babc044b2bee58bf75f66873926cec4a87c4d6ee85b6d145f4581190072fe0
-
Size
37KB
-
Sample
250605-hamvdaszhw
-
MD5
3fcb7f98232244bf94b6492b0b665089
-
SHA1
873d5d6acc4861ac700b033157f4d6bcddaaba24
-
SHA256
88babc044b2bee58bf75f66873926cec4a87c4d6ee85b6d145f4581190072fe0
-
SHA512
7ec414df8c765ec896d91558b6d3315cc249a6c87c419c4de92c97ef16efd4c6def60d907e4f4d2bb20406c91200092da0a55bff31959d5540a8e870ecf53b81
-
SSDEEP
384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOYE/AE/DZKNZKy7LzizB:uZ4FLz8ae+rOn8ae+rOrZkZ/7LGd
Static task
static1
Behavioral task
behavioral1
Sample
88babc044b2bee58bf75f66873926cec4a87c4d6ee85b6d145f4581190072fe0.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
88babc044b2bee58bf75f66873926cec4a87c4d6ee85b6d145f4581190072fe0.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
88babc044b2bee58bf75f66873926cec4a87c4d6ee85b6d145f4581190072fe0
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5213) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-