General
Target: 20b1b05ddf931c03503732ebae27d3acdefc3c776dbccfa66b6cc5e91716dfd3
Size: 37KB
Sample: 250605-pgtptsxlz3
MD5: 4d29eb58f2c6894185399cfabf1c6d8b
SHA1: 7de2fea61481b0593678897a3372845a1b7409d0
SHA256: 20b1b05ddf931c03503732ebae27d3acdefc3c776dbccfa66b6cc5e91716dfd3
SHA512: cd20f13ff489868c1e81faead4162834a9294f6ab412bbff9275ed70f57f67c5a727f8643336a7d1970e88a2e9a9f11b92f14309a777a4fc3d2ac778edf3a186
SSDEEP: 384:hAg+5OCZ4W6/KWLsqmFae+rOAqmFae+rOYE/AE/DZKNZKy7Lziz+ME:uZ4FLz8ae+rOn8ae+rOrZkZ/7LGi
Static task: static1
Behavioral task: behavioral1
Sample: 20b1b05ddf931c03503732ebae27d3acdefc3c776dbccfa66b6cc5e91716dfd3.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 20b1b05ddf931c03503732ebae27d3acdefc3c776dbccfa66b6cc5e91716dfd3.exe
Resource: win11-20250502-en
Malware Config
Targets
Target: 20b1b05ddf931c03503732ebae27d3acdefc3c776dbccfa66b6cc5e91716dfd3
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (5213) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.