General
-
Target
e753ce3379dd3970a91fe4166baa4d7ca38a0f498f115ac58ede748be95ae647
-
Size
75KB
-
Sample
250605-mb6fbscr9w
-
MD5
fd07451ea0fda5e13ee9996c868164a8
-
SHA1
902b1894a771b8c95cec5985942ab6acb17176c8
-
SHA256
e753ce3379dd3970a91fe4166baa4d7ca38a0f498f115ac58ede748be95ae647
-
SHA512
ea997f40deef9924487c47232d155ff3ca8f8c5ad075fb70d8886f0e216e10a14d5b5a6f614e9260fffe144c32f95c63b140cf9048ff0b55299a0447298174f8
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rO2aNQP+UDQvoZ4FLz8ae+rOn8ae+rO2aNQP+w:s7ZppApdIIJQP+UDQvoGIIJQP+UDQvM5
Behavioral task
behavioral1
Sample
e753ce3379dd3970a91fe4166baa4d7ca38a0f498f115ac58ede748be95ae647.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5037) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-