General

  • Target

    2c78c3893ea41ba6088eeb516ead282222eca18d08fa80b907685c369bd4f16b

  • Size

    20KB

  • MD5

    401f409662f02e54c01551556b2b78dc

  • SHA1

    b93006da993eb0fe7871089d7dfd38af05ba64a5

  • SHA256

    2c78c3893ea41ba6088eeb516ead282222eca18d08fa80b907685c369bd4f16b

  • SHA512

    ad96633ab0893330c61b08584b58ebdc13a52ac89f3459b771f45d8b03847172628e407fcfd95327174cbc8ef853ad0c929c7dce75e5467d5f3d12f39751e965

  • SSDEEP

    384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOcZHZi:s7BlpppARFbhdLz8ae+rOn8ae+rOcZHQ

Score
10/10

Malware Config

Signatures

  • Cosmu family
  • Detects Cosmu payload (1 IoC)

    Cosmu is a worm written in C++.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2c78c3893ea41ba6088eeb516ead282222eca18d08fa80b907685c369bd4f16b
    .exe windows:1 windows x86 arch:x86

    8abecba2211e61763c4c9ffcaa13369e

