General

  • Target

    2751ede1367efc0bdc14ddf918ab2d947b0735b14dc08c570a917c9569736b0d

  • Size

    39KB

  • Sample

    250605-pjct4adm6x

  • MD5

    c98cbb22396c9e70fb79d10a9927f48c

  • SHA1

    8ad8015ea9eb7d4485841a5e56fda7cbb12a56d6

  • SHA256

    2751ede1367efc0bdc14ddf918ab2d947b0735b14dc08c570a917c9569736b0d

  • SHA512

    2da6b8f7176a39f604ffe0032e03ebb4ed98a2fde2c0460f983de5a4b5bc5271667c06ac6f9a64913a8cd930c900d459a75dd19009d1ecb106419a725d9c9e29

  • SSDEEP

    768:s7BlpppARFbhdLz8ae+rOn8ae+rOxZ4FLz8ae+rOn8ae+rON:s7ZppApdIIxGIIN

Targets

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5240) files with added filename extension

      This suggests ransomware activity, namely encrypting all the files on the system.
