General

  • Target

    6b78097f95d6161e46a41cf4dc5dcd153635326781a610b0e86a798604409466

  • Size

    50KB

  • MD5

    4183d1c16ef2fb88675f27605262d438

  • SHA1

    df9224fc86870090c7b4c1ae97d0085bdebd6b24

  • SHA256

    6b78097f95d6161e46a41cf4dc5dcd153635326781a610b0e86a798604409466

  • SHA512

    b7c7a01f7fb86bd3b9776ad145009c3d923f3da35189d46f0233e7e83b9ab66b8f423e24f26fe379e77922969963b40a5e7141d60ff3e4b48e7ffac0e2d20b2e

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rO+4500n1kJ00n1kNIyIv1XYc1GouW55mb+QsF:s7ZppApdII+49101yIyIJMWzIQ

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6b78097f95d6161e46a41cf4dc5dcd153635326781a610b0e86a798604409466
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

