General
-
Target
50b7cb6c529df4482bb9450965f63cf67319f94bf3235b719dce4322f559590a
-
Size
25KB
-
Sample
250605-rh871sgk4s
-
MD5
f1434d125dd0bd8793412c2206147ee6
-
SHA1
5c0c82b9b24d861c09dc3d48c79273ef37ff4883
-
SHA256
50b7cb6c529df4482bb9450965f63cf67319f94bf3235b719dce4322f559590a
-
SHA512
dcb89cec5ab3488fde4e12e9fd4cf790b1bda9219acdefe1b871225b684a6c251947fa2be142f0c11ec84717ea7b1a21d693aa3f8fc34172e8a05d3c686ade39
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOWd0zKoKb:s7ZppApdIIBzHu
Behavioral task
behavioral1
Sample
50b7cb6c529df4482bb9450965f63cf67319f94bf3235b719dce4322f559590a.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
50b7cb6c529df4482bb9450965f63cf67319f94bf3235b719dce4322f559590a
-
Size
25KB
-
MD5
f1434d125dd0bd8793412c2206147ee6
-
SHA1
5c0c82b9b24d861c09dc3d48c79273ef37ff4883
-
SHA256
50b7cb6c529df4482bb9450965f63cf67319f94bf3235b719dce4322f559590a
-
SHA512
dcb89cec5ab3488fde4e12e9fd4cf790b1bda9219acdefe1b871225b684a6c251947fa2be142f0c11ec84717ea7b1a21d693aa3f8fc34172e8a05d3c686ade39
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOWd0zKoKb:s7ZppApdIIBzHu
Score10/10-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5246) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-