General
Target: 698dcaf2876edaf721273de698089398d2740d9403c8ff6552f0035195f573f5
Size: 43KB
Sample: 250605-mdsbgswlv5
MD5: d94d7c736e18d0698e4e26e3418836c1
SHA1: 253f19e3d76f1e77f1b5e529f74a268f9c8d2514
SHA256: 698dcaf2876edaf721273de698089398d2740d9403c8ff6552f0035195f573f5
SHA512: 9f3f1bc964084d5d3c7bdddac7ef7b8f0daad588e73dd8cc34c9c6827857e96237c3baa6239ef1e8dbdf50915b9d0731cad8e0c8666efd472ce4632f54e1b7fd
SSDEEP: 384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOYE/AE/DZKNZKy7LzizuFpUuFpU2:uZ4FLz8ae+rOn8ae+rOrZkZ/7LGBN2
Static task: static1
Behavioral task: behavioral1
Sample: 698dcaf2876edaf721273de698089398d2740d9403c8ff6552f0035195f573f5.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 698dcaf2876edaf721273de698089398d2740d9403c8ff6552f0035195f573f5.exe
Resource: win11-20250502-en
Malware Config
Targets
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5207) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.