General
Target: 35d9cfb50e9de7ffa0bcc5b24677062e08f516e0264694c6b6910253cd4211e9
Size: 86KB
Sample: 250605-mdpkladj5w
MD5: b6db4a0526192b53e45260e2b4d54b45
SHA1: 04c886b67c070fd01c7967297cec86dd7825eda9
SHA256: 35d9cfb50e9de7ffa0bcc5b24677062e08f516e0264694c6b6910253cd4211e9
SHA512: 9df1565eb2d658d72eef331d942bc528b5156bece041759c6051a0a651572ab259a146f7d2c68f07eccec5067eefacf788e3411c19541560672e3fa392c3b57b
SSDEEP: 1536:uGIIxgrC35rtLVja0tzmAjUHjkja0tzmAjUHjtuC6mgoZeyi7idsy:N9g8mgoZRi7idsy

Static task: static1

Behavioral task: behavioral1
Sample: 35d9cfb50e9de7ffa0bcc5b24677062e08f516e0264694c6b6910253cd4211e9.exe
Resource: win10v2004-20250502-en

Malware Config
Targets
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5030) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.