General
-
Target
141ead4ee42ac5aea06601ca35a981af109baf11dee3b8d7bc25b88a47ecdba9
-
Size
84KB
-
Sample
250605-pjf7hsxl15
-
MD5
f981bf58885f4a9fb7f30e40e9a6fbbb
-
SHA1
3631e7672421c9e9c16abf8ea6c02d48e8e9f18a
-
SHA256
141ead4ee42ac5aea06601ca35a981af109baf11dee3b8d7bc25b88a47ecdba9
-
SHA512
b2a75a3ae9d755525a2ddde0d18b14bb7967c9249ec1039dffe1a920464f0c16608d193a98e804df2e3d7f651c25f7eeedcc6c8f0fd8452d065c65b9aa8a9479
-
SSDEEP
1536:s7ZppApdII1grC35rtLgnTVoAUZY/ECGn6cmi8eEXcBxOBxIFR:spWpT9InTVsZYFG6cZxnOnIFR
Behavioral task
behavioral1
Sample
141ead4ee42ac5aea06601ca35a981af109baf11dee3b8d7bc25b88a47ecdba9.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
141ead4ee42ac5aea06601ca35a981af109baf11dee3b8d7bc25b88a47ecdba9.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
141ead4ee42ac5aea06601ca35a981af109baf11dee3b8d7bc25b88a47ecdba9
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5031) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-