General

  • Target

    3bd983a439a55277a98b813b27babc9b8c0cccf54a088478b8b1cdacf4cbec82

  • Size

    59KB

  • MD5

    915d7e5bf1043235648b85fb6f14a09e

  • SHA1

    db3d3355b64a6341619ca5a53ab8af7b7c3e0769

  • SHA256

    3bd983a439a55277a98b813b27babc9b8c0cccf54a088478b8b1cdacf4cbec82

  • SHA512

    1b3df3669d9a340aba2526ac8202d9cb3472ba049042fa6460e9ff093bdee59d4e33cfd0eb70181802f2d6a3b999370a0bc7462e87389e29fd1106465d51dc0b

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOCjQjyZLhs8+R6+DF7QWdTTOYqV7:s7ZppApdIICjQjyZNs8+R6+DF7nOF7

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3bd983a439a55277a98b813b27babc9b8c0cccf54a088478b8b1cdacf4cbec82
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections