General
Target: c22750e90d23f513ef4afa7fae109c34afba64aff430b705c04a209880071c95
Size: 72KB
Sample: 250605-hbbhqsbm7x
MD5: 55ab765c2fd14821e21ec07465321266
SHA1: a4d84f2b8c7781f1d5d86b6cd238320fabe2cc3b
SHA256: c22750e90d23f513ef4afa7fae109c34afba64aff430b705c04a209880071c95
SHA512: 1101f8139fd60e510dc356e9fbe910f8bbe1212ea1b9b3b2ad9c88fc767e4ba1bc33af3e9f33492300cc4bdaba8cc75ae87251c8b466444e687b6c1730680fb3
SSDEEP: 1536:uGII1grC35rtLgnTVoAUZY/ECGn6cmi8eD:Z9InTVsZYFG6cZ/
Static task: static1
Behavioral task: behavioral1
Sample: c22750e90d23f513ef4afa7fae109c34afba64aff430b705c04a209880071c95.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Target: c22750e90d23f513ef4afa7fae109c34afba64aff430b705c04a209880071c95
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5125) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.