General

  • Target

    035f93695a50583c38d9a608ba3f3f3465119c31821e16384dc2579a49794e5d

  • Size

    22KB

  • MD5

    4d072e3966ff1328f1e37b0358f85476

  • SHA1

    1b8b11bb47169cb3ac0db99ee982c1d013624cf0

  • SHA256

    035f93695a50583c38d9a608ba3f3f3465119c31821e16384dc2579a49794e5d

  • SHA512

    cdb0ef28de61a8a50de206a0a874c1e533423b302dc1e0e0da6d697678a971da9e28392fc0c93001f7e718ee591b28b0b1b835e8238261344d9e662cda623e9a

  • SSDEEP

    384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOiOZ2OZoaqyklYWynDyklM:s7BlpppARFbhdLz8ae+rOn8ae+rOka5i

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 035f93695a50583c38d9a608ba3f3f3465119c31821e16384dc2579a49794e5d
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

