General
Target: 4aeeb97b42988bf09747f6196a200f5ffc3a7226a4598a6ea9f563c388e4264a
Size: 50KB
Sample: 250605-rh17eayny3
MD5: ec99985088c362e33fbe44775b023823
SHA1: 6d9977f6e609695eb686f4f0f7b9a3a9e6bcbb33
SHA256: 4aeeb97b42988bf09747f6196a200f5ffc3a7226a4598a6ea9f563c388e4264a
SHA512: 9c5af42fe13cf99e736ce88cebeb6e30edb8178f0370eaa24b150d032f39d8de0bb655120a9f5071587a5f28e27f7014afe611dd42cbe78a409f0cdfafb197e4
SSDEEP: 768:s7BlpppARFbhdLz8ae+rOn8ae+rOx656tAZ4FLz8ae+rOn8ae+rOx656tBGUNGUg:s7ZppApdII0M2GII0MuF
Behavioral task: behavioral1
Sample: 4aeeb97b42988bf09747f6196a200f5ffc3a7226a4598a6ea9f563c388e4264a.exe
Resource: win10v2004-20250502-en
Behavioral task: behavioral2
Sample: 4aeeb97b42988bf09747f6196a200f5ffc3a7226a4598a6ea9f563c388e4264a.exe
Resource: win11-20250502-en
Malware Config
Targets
Score: 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (5134) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.