General

  • Target

    b915e7033b022809456a0832d0e2bdffbe3eba14e36771092aba299f650515aa

  • Size

    26KB

  • MD5

    fa24406f7dced91a8d217b89fcf5edcf

  • SHA1

    3acbdd164372f9844b92346603c64f970c8079fa

  • SHA256

    b915e7033b022809456a0832d0e2bdffbe3eba14e36771092aba299f650515aa

  • SHA512

    5b9fd0b3dd6678f5e8661ebf0fbde70effd7f6bd62ee4c03d8bf7c0241786ae4908deebc5f5d8ddb0513c4bc539ecdec6fdf92f3988c273d6eab31bb44d603b9

  • SSDEEP

    384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOb8p8dWA8dWK:s7BlpppARFbhdLz8ae+rOn8ae+rOb8N

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • b915e7033b022809456a0832d0e2bdffbe3eba14e36771092aba299f650515aa
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

