General
-
Target
a16613d4bddcc357aa5532e63b8e59f0655ad03da8bd89daf0260dd0ab62ae01
-
Size
20KB
-
Sample
250605-hcwv3as1bw
-
MD5
ac8871ee749156c2558e767a674c4319
-
SHA1
1733f6f633e82c7d1e3efb724d4e361df9e6c0dd
-
SHA256
a16613d4bddcc357aa5532e63b8e59f0655ad03da8bd89daf0260dd0ab62ae01
-
SHA512
9c599768fc3df411f6c5e249422b19138f73cda34ef34a9fbdd8cf8334d0f308dac0bac093832d08cc3012620bbf07e1126e4a69f871f1274e409c89bed7512b
-
SSDEEP
384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOq:s7BlpppARFbhdLz8ae+rOn8ae+rOq
Behavioral task
behavioral1
Sample
a16613d4bddcc357aa5532e63b8e59f0655ad03da8bd89daf0260dd0ab62ae01.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
a16613d4bddcc357aa5532e63b8e59f0655ad03da8bd89daf0260dd0ab62ae01.exe
Resource
win11-20250502-en
Malware Config
Targets
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5203) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-