General
-
Target
10a78e4dc952910a119e3d366dee4e39379c8dab7506552736be2455f4472dff
-
Size
20KB
-
Sample
250605-pjl3rsxms7
-
MD5
2260b4a95da02e24ffdf81f4fed52930
-
SHA1
b70a1b4bc407ee8cd7062c5b0812fd79e30111a8
-
SHA256
10a78e4dc952910a119e3d366dee4e39379c8dab7506552736be2455f4472dff
-
SHA512
4a21b8a86ff6eb39fdfcb8aed0483f77eff48505201a6d460df8ffc4e7a51036b618ffe3e51fa599218834f02a83402ba3769011811bb71addb524a093518ba7
-
SSDEEP
384:gBt7Br5xjL9AgA71FbhvP/KWLsqmFae+rOAqmFae+rOiOZ2OZG:s7BlpppARFbhdLz8ae+rOn8ae+rOy
Behavioral task
behavioral1
Sample
10a78e4dc952910a119e3d366dee4e39379c8dab7506552736be2455f4472dff.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
10a78e4dc952910a119e3d366dee4e39379c8dab7506552736be2455f4472dff.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
10a78e4dc952910a119e3d366dee4e39379c8dab7506552736be2455f4472dff
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5265) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-