General
Target: 922d8aef8081d666f0d65dee9990a180e4ca102bcaf0215e31edc7ffaba8d648
Size: 103KB
Sample: 250605-qdmb1sdr8x
MD5: e69589355cf7f04024d2bc03bed60235
SHA1: 34f64fe90d7d88fc64fc5ec5c19aa0f97361603b
SHA256: 922d8aef8081d666f0d65dee9990a180e4ca102bcaf0215e31edc7ffaba8d648
SHA512: 53cdb8f8fc68db016ee6d892b5dc3da634987cfb99d938991483731800a1bc4dfca72ea3fe2c6789c9e466411f1979c7deee02038a961508fe85be44f329fe95
SSDEEP: 1536:s7ZppApdIIyBoLqrNkW1zN0m0lG1tETSA6FLtOJMBb:spWpsBsqrNkMzN0mx7Sr6Rp
Behavioral task: behavioral1
Sample: 922d8aef8081d666f0d65dee9990a180e4ca102bcaf0215e31edc7ffaba8d648.exe
Resource: win10v2004-20250502-en
Malware Config
Targets
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (4875) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.