General
-
Target
2f86dcd676a76fe8425e12a15c2425422740658aadf91dab808d0f75318cbdb7
-
Size
134KB
-
Sample
250605-pjl3rsxms8
-
MD5
dcf51cc577293389d6bfb7ad921596d5
-
SHA1
35fbcea92c6c3988d44e4f980f6f16e3a9ccf032
-
SHA256
2f86dcd676a76fe8425e12a15c2425422740658aadf91dab808d0f75318cbdb7
-
SHA512
15dec3bf01d2edb77d05f2e24897cef4b7acf7b46633c9cf164283c9ac91a8c927332ddd035eb3e1166be32acfc3ae3e882cf5e72a6a5b929788e6f7f7a23629
-
SSDEEP
3072:spWpT9InTVsZYFG6cZA9InTVsZYFG6cZO:N59InTVsZOG6OA9InTVsZOG6OO
Behavioral task
behavioral1
Sample
2f86dcd676a76fe8425e12a15c2425422740658aadf91dab808d0f75318cbdb7.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
2f86dcd676a76fe8425e12a15c2425422740658aadf91dab808d0f75318cbdb7.exe
Resource
win11-20250502-en
Malware Config
Targets
-
-
Target
2f86dcd676a76fe8425e12a15c2425422740658aadf91dab808d0f75318cbdb7
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (4857) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-