General
Target: df7e270b2244bc5dd8f985f097c34d20e97aef5af02e74f3e9d81d338bce964d
Size: 99KB
Sample: 250605-hcaylabm9w
MD5: 573f0e9dfec4322876053f0d03c76e0e
SHA1: 6a1b5052807b7b67f751fedc8e6baf09bc7a9859
SHA256: df7e270b2244bc5dd8f985f097c34d20e97aef5af02e74f3e9d81d338bce964d
SHA512: 4e4109c1496e566bc14d162c95b4659399a0eeb1e4b4fab3657f3ca16becf10cdf71ee7516e1a7be7e962c0b0eb80cd21955fbec1293828e6cfa46872739f548
SSDEEP: 1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA6YmImFNUibo+h:spWpsBsqrNkMzN0mx7Sr6x
Behavioral task: behavioral1
Sample: df7e270b2244bc5dd8f985f097c34d20e97aef5af02e74f3e9d81d338bce964d.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Target: df7e270b2244bc5dd8f985f097c34d20e97aef5af02e74f3e9d81d338bce964d
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5030) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.