General

Target: 6d603198b881a83e2d4908e309a2d6f2f5709aaa760766f221f9474c01367b02
Size: 281KB
Sample: 250605-j89mgavkv9
MD5: 3a85e8a4af518aa58cc7891ee95db231
SHA1: df0bae9ae511225ec962aeca1fcf0b3748b37f00
SHA256: 6d603198b881a83e2d4908e309a2d6f2f5709aaa760766f221f9474c01367b02
SHA512: 3f825f1033b50d7837ac374280dc6e6e427afe0edf36ad684ac75a8828356e20d41bf48b0483c2e3fd3028d77df3f6996e2c158c41d90b96d4338b2ae4831b80
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOb83osGOUiuJtfosGOUiuJt5:s7ZppApdIIC0E

Behavioral task: behavioral1
Sample: 6d603198b881a83e2d4908e309a2d6f2f5709aaa760766f221f9474c01367b02.exe
Resource: win10v2004-20250502-en

Behavioral task: behavioral2
Sample: 6d603198b881a83e2d4908e309a2d6f2f5709aaa760766f221f9474c01367b02.exe
Resource: win11-20250502-en

Malware Config
Targets
Target: 6d603198b881a83e2d4908e309a2d6f2f5709aaa760766f221f9474c01367b02
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (4593) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.