General

  • Target

    c284bfd70aad3207fc289531fb05cda5d8154d3624718b7db91fac6569a60132

  • Size

    85KB

  • MD5

    93b4f040d2459e0e9f51758492921bc8

  • SHA1

    b845596bc215479dc8e9abb08b02800a1242bd16

  • SHA256

    c284bfd70aad3207fc289531fb05cda5d8154d3624718b7db91fac6569a60132

  • SHA512

    6c25264ea60156a0988f266ae1762cc2be884355cbe8aad4f439a34824103bc4f40730a9fb7443b7173f90610417f3700bccd550654fd7b2352ede178d167238

  • SSDEEP

    1536:s7ZppApdII1grC35rtLgnTVoAUZY/ECGn6cmi8eEXcBxOBxP:spWpT9InTVsZYFG6cZxnOnP

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • c284bfd70aad3207fc289531fb05cda5d8154d3624718b7db91fac6569a60132
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

