General

  • Target

    e753ce3379dd3970a91fe4166baa4d7ca38a0f498f115ac58ede748be95ae647

  • Size

    75KB

  • Sample

    250605-mb6fbscr9w

  • MD5

    fd07451ea0fda5e13ee9996c868164a8

  • SHA1

    902b1894a771b8c95cec5985942ab6acb17176c8

  • SHA256

    e753ce3379dd3970a91fe4166baa4d7ca38a0f498f115ac58ede748be95ae647

  • SHA512

    ea997f40deef9924487c47232d155ff3ca8f8c5ad075fb70d8886f0e216e10a14d5b5a6f614e9260fffe144c32f95c63b140cf9048ff0b55299a0447298174f8

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQvoZ4FLz8ae+rOn8ae+rO2aNQP+w:s7ZppApdIIJQP+UDQvoGIIJQP+UDQvM5

Targets

    • Target

      e753ce3379dd3970a91fe4166baa4d7ca38a0f498f115ac58ede748be95ae647

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5037) files with added filename extension

      This suggests ransomware activity, in which all the files on the system are encrypted.
