General
-
Target
0b6abadb316df5e54327690342abc8d97bfb28666ce466de3abca4beeb2d8eed
-
Size
39KB
-
Sample
250605-j88p6svkv8
-
MD5
ee395767f7a295eac97fa002d1135c99
-
SHA1
6073194f262d11e0b8009daa95cde7e5f104b015
-
SHA256
0b6abadb316df5e54327690342abc8d97bfb28666ce466de3abca4beeb2d8eed
-
SHA512
39f4114d03746a63c719208b82e8d631c3be36f3d1556a8e61048b23e3d95d265e902a6bc860f1097d734c4f58628e01ae2dc94f263a0f13445d1252c18f6760
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOb83osGOUiuJtfosGOUiuJtTsMtfMrS:s7ZppApdIIC0zA0O
Behavioral task
behavioral1
Sample
0b6abadb316df5e54327690342abc8d97bfb28666ce466de3abca4beeb2d8eed.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
0b6abadb316df5e54327690342abc8d97bfb28666ce466de3abca4beeb2d8eed.exe
Resource
win11-20250502-en
Malware Config
Targets
-
Target
0b6abadb316df5e54327690342abc8d97bfb28666ce466de3abca4beeb2d8eed
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5202) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-