General
Target: c307062cf39874a41a75195d0449661928b4e55e6b5504659fab2bc11aa33540
Size: 94KB
Sample: 250605-hevqsabn5y
MD5: 6e3d95ae01200601be0a5768268582e8
SHA1: 32b273e78ea0b12d44f88c97c4524b271cb07850
SHA256: c307062cf39874a41a75195d0449661928b4e55e6b5504659fab2bc11aa33540
SHA512: a53c17bc59560bd26b7caf8882f897a4dfcbe136432da5dd01b967521bf5af3d10c8bf92a2e4b0b6a49e1d343b810fab81c6a6f1337cd539fc938ab11afefe0d
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOrZkZ/7LG0525lZ4FLz8ae+rOn8ae+rOrZkZ+:s7ZppApdII1GQGII1G+
Behavioral task: behavioral1
Sample: c307062cf39874a41a75195d0449661928b4e55e6b5504659fab2bc11aa33540.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5029) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.