General
Target: 7f823f289d5d9e86017b5f688c73a0f05bb2beb0d8be55ac296f82b345c0ee15
Size: 33KB
Sample: 250605-hd4bjabn4z
MD5: 18e33345f0bf7e8beda79a858c3ddb5f
SHA1: 15b88b28760bf380fc8d8847f70cc37aa940f4f9
SHA256: 7f823f289d5d9e86017b5f688c73a0f05bb2beb0d8be55ac296f82b345c0ee15
SHA512: e9fee14fdd212b264be2b0ed6b3f336bf83c50d2c5b3606e0bb7135e06f90bab216fd85ae1d83cc735da28b26b52dfbd9fa1974354ae94642b753c40b979a63f
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOiBJ8vI8vN4j87edqdv87edqd5:s7ZppApdIIiBmvHvH05
Behavioral task: behavioral1
Sample: 7f823f289d5d9e86017b5f688c73a0f05bb2beb0d8be55ac296f82b345c0ee15.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5277) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.