General
-
Target
690c7a4fd245a182bf453539e84c00629739445fb2d7cdd4abec6c32c792218f
-
Size
139KB
-
Sample
250605-hat9fsbm6s
-
MD5
64d29fd60bdf4eaf3edbd734fb30c25f
-
SHA1
ee726e6ecc4e0833185ded57c097e5a924c27081
-
SHA256
690c7a4fd245a182bf453539e84c00629739445fb2d7cdd4abec6c32c792218f
-
SHA512
f7c70e89ba444017b9f6fd06363aeef3d4de804d6f2e72fa919fb03eb823da4e829036e93cf4e20fa084dbdbbb21f5a2c0361704bad76bc0494d1e74183724b0
-
SSDEEP
1536:s7ZppApdII1grC35rtLgnTVoAUZY/ECGn6cmi8eEXmxTcCF2wMDKyyvog1vEpDRb:spWpT9InTVsZYFG6cZP/1k
Behavioral task
behavioral1
Sample
690c7a4fd245a182bf453539e84c00629739445fb2d7cdd4abec6c32c792218f.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
690c7a4fd245a182bf453539e84c00629739445fb2d7cdd4abec6c32c792218f
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (4864) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-