General
-
Target
38f23d6fe7c1c9ec132badc1f0141e9263fa213a78483f60310688a450a77b8a
-
Size
40KB
-
Sample
250605-hck4kabn2z
-
MD5
38cc16f2f73fdc5970310f6138a2d359
-
SHA1
efd3677401cc9834f89cf17b247d7cb030a69723
-
SHA256
38f23d6fe7c1c9ec132badc1f0141e9263fa213a78483f60310688a450a77b8a
-
SHA512
f596cfed9b31e48c84ff5ca6a224af48c2cb1a4a9a4de57d1913de38a9b8a9c7791612f7afa4cff9e02efc03de2cf3c32f06cbab51cf8ad51b3c5313891f6f94
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOiBJ8vI8vN4VZO+WJ2H2jM:s7ZppApdIIiBmvHvOH1
Behavioral task
behavioral1
Sample
38f23d6fe7c1c9ec132badc1f0141e9263fa213a78483f60310688a450a77b8a.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
38f23d6fe7c1c9ec132badc1f0141e9263fa213a78483f60310688a450a77b8a
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5197) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-