General

  • Target

    2c05e3341362b0581f72dc9f94247d40654cc379996f4e0f8a88423d5a3fb0c4

  • Size

    36KB

  • MD5

    76174bab38f45c18422defca74ea8b3d

  • SHA1

    f499a0c929d81c05d7c51f6fbdf389e89c16a6c4

  • SHA256

    2c05e3341362b0581f72dc9f94247d40654cc379996f4e0f8a88423d5a3fb0c4

  • SHA512

    6a67409ef9a2d98ff2ef1d98be763c066e36b24708c2a682ff397247484bd03539eaafac3d1f62e9e9d609bacbf55fd1931e4c6fb5d86a7603ce7238f311ceba

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQvCJO:s7ZppApdIIJQP+UDQv7

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload 1 IoCs

    Cosmu is a worm written in C++.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2c05e3341362b0581f72dc9f94247d40654cc379996f4e0f8a88423d5a3fb0c4
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e


    Headers

    Imports

    Sections