General
-
Target
3cf4b043f15698faeb65baaab182d1f8bb0dfaf6099a40c02a7fc0cd9c7c043f
-
Size
42KB
-
Sample
250605-rhsv2agj9y
-
MD5
5efdcd446c5bf7322e7f6f1186518608
-
SHA1
eab48f564d4f854a853cea4caf3e7a43bd9d50c8
-
SHA256
3cf4b043f15698faeb65baaab182d1f8bb0dfaf6099a40c02a7fc0cd9c7c043f
-
SHA512
79974f57ce965c6e55b9347298091bd50780ccfec28d820a42993e02d02beb2a53b59e4460252e5409f2e6bc42909609b931bef2b0e8ee24835eb24822e6382e
-
SSDEEP
768:s7BlpppARFbhdLz8ae+rOn8ae+rOCjQjYIlZtkUloRDVI8ePMbCq3MmUq94Nq:s7ZppApdIICjQj9CDVI8eOJ8mi4
Behavioral task
behavioral1
Sample
3cf4b043f15698faeb65baaab182d1f8bb0dfaf6099a40c02a7fc0cd9c7c043f.exe
Resource
win10v2004-20250502-en
Malware Config
Targets
-
-
Target
3cf4b043f15698faeb65baaab182d1f8bb0dfaf6099a40c02a7fc0cd9c7c043f
-
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5188) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-