General
Target
96686824ff7bbde8baf17271fabbadaac31e97197bae0631ce8f87976d82c02d
Size
24KB
Sample
250605-qdk4ysdr7y
MD5
d7d489dd3fd655bd42deb920c9d72a43
SHA1
ff5e6551e7910365ef0f0aa5b9fd74c68e00523b
SHA256
96686824ff7bbde8baf17271fabbadaac31e97197bae0631ce8f87976d82c02d
SHA512
43ef32ab55dcb8a6eb2d771c545e0692698ee8e33d7162052315d96b45ce781cf6c150041ff84023755985dddee2f6eb4e816f26b0e6677573e6aed6eb571c70
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOb83osGOUiuJtfosGOUiuJtv:s7ZppApdIIC0e
Behavioral task
behavioral1
Sample
96686824ff7bbde8baf17271fabbadaac31e97197bae0631ce8f87976d82c02d.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
Target
96686824ff7bbde8baf17271fabbadaac31e97197bae0631ce8f87976d82c02d
Score
10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5015) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.