General
Target: f167113b5a76cd046556f5980afe35bd7f9ee202d244ffa353a75341e12a54d2
Size: 24KB
Sample: 250605-mdtvbawlv7
MD5: 68de0868c15b8c44e80f61104821bd5f
SHA1: 5c2c69504a81bbcdbee827f8794f015cb92c5295
SHA256: f167113b5a76cd046556f5980afe35bd7f9ee202d244ffa353a75341e12a54d2
SHA512: 5ab8b9eb989a5b93c6a0c3d0863204b26115da4e46d70f617e91f45b0b306ec1def8fb9234512b5df3c90837d7018e266eff6f2ab912a1c449dbbe96ca9cba60
SSDEEP: 384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOiOZ2OZW0i90in:s7BlpppARFbhdLz8ae+rOn8ae+rOWdn
Behavioral task: behavioral1
Sample: f167113b5a76cd046556f5980afe35bd7f9ee202d244ffa353a75341e12a54d2.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: f167113b5a76cd046556f5980afe35bd7f9ee202d244ffa353a75341e12a54d2.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: f167113b5a76cd046556f5980afe35bd7f9ee202d244ffa353a75341e12a54d2
Score: 10/10

Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5212) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.