General
Target: f95b0afc984fc869eefeb78c1be64ad08912232ca81ba77d1ebbdd22c2daf439
Size: 73KB
Sample: 250605-pgqceaxly3
MD5: e6d776ff35c02d661e39b57ad86a3557
SHA1: c81feb9cd670d9d60e1c5716698459adf65edaee
SHA256: f95b0afc984fc869eefeb78c1be64ad08912232ca81ba77d1ebbdd22c2daf439
SHA512: d8963a722c5569fc835dbd1fd14cc2b903ca85473891fc0c75615fd1708c5f70b2ca6d5394d605d262b4bd9344f244796a389d3f794f704cfae52019494988db
SSDEEP: 1536:s7ZppApdII1grC35rtLgnTVoAUZY/ECGn6cmi8eey9Xhy9XZ:spWpT9InTVsZYFG6cZh0Z
Behavioral task: behavioral1
Sample: f95b0afc984fc869eefeb78c1be64ad08912232ca81ba77d1ebbdd22c2daf439.exe
Resource: win10v2004-20250502-en

Behavioral task: behavioral2
Sample: f95b0afc984fc869eefeb78c1be64ad08912232ca81ba77d1ebbdd22c2daf439.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: f95b0afc984fc869eefeb78c1be64ad08912232ca81ba77d1ebbdd22c2daf439
Score: 10/10
Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5080) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.