General
Target: a7ab698794d30b1692f5ce1c9422185faf9c2c376ea76f639ffb4c8ff9a79616
Size: 22KB
Sample: 250605-hz4jestm12
MD5: 098e8ad5b6f228afe7a29e5e38081924
SHA1: da6e93ddaa5243af2186899e0363fd571fae577e
SHA256: a7ab698794d30b1692f5ce1c9422185faf9c2c376ea76f639ffb4c8ff9a79616
SHA512: f0d84350c91613aba428078c75b8ab17d2338e2585a925719124000ddfeb9949f55c1721d4e7baa68a729b8860a2c7307cb6de43c0e9acb79926791df53b3c2e
SSDEEP: 384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOb84sAsvosGOUiuJtfosGOUiuJtqx:uZ4FLz8ae+rOn8ae+rOb83osGOUiuJtv

Static task: static1

Behavioral task: behavioral1
Sample: a7ab698794d30b1692f5ce1c9422185faf9c2c376ea76f639ffb4c8ff9a79616.exe
Resource: win10v2004-20250502-en

Behavioral task: behavioral2
Sample: a7ab698794d30b1692f5ce1c9422185faf9c2c376ea76f639ffb4c8ff9a79616.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: a7ab698794d30b1692f5ce1c9422185faf9c2c376ea76f639ffb4c8ff9a79616
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5207) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.