General
-
Target
c4c62759dcb6b5c01d124f162b5dc8e44f7a8aec0567cfd16c82f384d6c81a96
-
Size
48KB
-
Sample
250605-hff9satlv4
-
MD5
f26cac3dc2ea91909001e5cd07243cdf
-
SHA1
addf6232d59ea17a60e7018b326bf072dec1d287
-
SHA256
c4c62759dcb6b5c01d124f162b5dc8e44f7a8aec0567cfd16c82f384d6c81a96
-
SHA512
1cd6c76ea1da20b1b2b96eb7d2a38dc3f315b95e43afd9f14a7ccd4841de7382b0b8c999897ae0335298f852f754372bbeab68ab7a079d540f86a5ea72e94557
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOrZkZ/7LG0525Q:s7ZppApdII1Gr
Behavioral task
behavioral1
Sample
c4c62759dcb6b5c01d124f162b5dc8e44f7a8aec0567cfd16c82f384d6c81a96.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
c4c62759dcb6b5c01d124f162b5dc8e44f7a8aec0567cfd16c82f384d6c81a96.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
c4c62759dcb6b5c01d124f162b5dc8e44f7a8aec0567cfd16c82f384d6c81a96
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5042) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-