General
-
Target
dbe8f41f3f03ceee899b50a68316ae85c2f16566b71380e112e0430581a30b9b
-
Size
136KB
-
Sample
250605-mb7cmacr9x
-
MD5
d47e6cfe3d1c975025e07509eb6d5458
-
SHA1
8c48884ebe2552160eed5dca24eb9f92669416ec
-
SHA256
dbe8f41f3f03ceee899b50a68316ae85c2f16566b71380e112e0430581a30b9b
-
SHA512
e376f809cad2bd102a01d3542e181ff4cc94559827aaf4f84e34929c242d17f7e794a83b7bd6d1d9a83de21d3862762c1301dfcfccb8ca955e0ea4b1fddb60e5
-
SSDEEP
1536:s7ZppApdII1grC35rtLgnTVoAUZY/ECGn6cmi8e9h+U6o46NnIsLugPxxy4Kt:spWpT9InTVsZYFG6cZesIsLuz
Behavioral task
behavioral1
Sample
dbe8f41f3f03ceee899b50a68316ae85c2f16566b71380e112e0430581a30b9b.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Score: 10/10
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (4850) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-