General
Target: 80825fe18fea17914921def6c5b93cd4fd47139371c448eea8b3c240430f4100
Size: 33KB
Sample: 250605-hcmx6abn3v
MD5: 76ff69c574d60a3b387b869a2d55870a
SHA1: 41afa0ef34fa0d21ecb86c85264dadc4cd005434
SHA256: 80825fe18fea17914921def6c5b93cd4fd47139371c448eea8b3c240430f4100
SHA512: 00d25e5956a16e357edba44fb76db3d89eafb8ae918b2eb31393055a11951e1126de14a6894c68b34a214a8772cbd36db95d219d2451aaa7a92f7ea0b3233a7a
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rO44Ph4PW:s7ZppApdII4eheW
Behavioral task
behavioral1
Sample: 80825fe18fea17914921def6c5b93cd4fd47139371c448eea8b3c240430f4100.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5268) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.