General
-
Target
0728d70cc6ab71816d3fb91b43d694f843493291b7701acfb707f4cdae51b30e
-
Size
18KB
-
Sample
250605-pgqm6sxly5
-
MD5
7fdc4646d6d8c2518f0a320ed391bfc5
-
SHA1
5b80b336fab63a8ac9cf8e6f4ac99413c31b89bc
-
SHA256
0728d70cc6ab71816d3fb91b43d694f843493291b7701acfb707f4cdae51b30e
-
SHA512
0b374f6a485aaa6eecb5ade0447c7c4799b6b6947ece0c9d914af72bb828294f4a369747b85d9a1d91c251bbe45b9268fa2e40abf7c3a4da953a3c934059332e
-
SSDEEP
384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOewAJAJEOgVwAJAJEOgr:uZ4FLz8ae+rOn8ae+rOyJAJExFJAJExr
Static task
static1
Behavioral task
behavioral1
Sample
0728d70cc6ab71816d3fb91b43d694f843493291b7701acfb707f4cdae51b30e.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
0728d70cc6ab71816d3fb91b43d694f843493291b7701acfb707f4cdae51b30e.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
0728d70cc6ab71816d3fb91b43d694f843493291b7701acfb707f4cdae51b30e
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5132) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-