General
-
Target
24f2eb90845e42c7b83d4cc2d690e14e29881d033253741af02d9a10b768b94b
-
Size
189KB
-
Sample
250605-j89bpstygw
-
MD5
cc8e433070ebf256f0eedc4cfd2d94e3
-
SHA1
78d1cd0ecc0331b96de41e9f04666d300e233d10
-
SHA256
24f2eb90845e42c7b83d4cc2d690e14e29881d033253741af02d9a10b768b94b
-
SHA512
75a498572e825a1bb5ebdd50dcc85f269337ff6fdf588b89a543edfcb60dcf904c553b37e65be530bc6d5a751af5f17a5a47024a4a23ae1c4fdd946a94ddbec8
-
SSDEEP
3072:spWpsBsqrNkMzN0mx7Sr6zBsqrNkMzN0mx7Sr6z:NWB9nPB9n/
Behavioral task
behavioral1
Sample
24f2eb90845e42c7b83d4cc2d690e14e29881d033253741af02d9a10b768b94b.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
24f2eb90845e42c7b83d4cc2d690e14e29881d033253741af02d9a10b768b94b.exe
Resource
win11-20250502-en
Malware Config
Targets
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (4752) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-