General
-
Target
b267d3aa5dc2f4ee7076b9241f3c870d9b126540ab472c5506f55521a4cbcdf6
-
Size
84KB
-
Sample
250703-f1g1psvk16
-
MD5
26f753afadfecee883c842e4dadf0bf2
-
SHA1
6c674cd738073433dd82b12ee277ea6d6942a029
-
SHA256
b267d3aa5dc2f4ee7076b9241f3c870d9b126540ab472c5506f55521a4cbcdf6
-
SHA512
6058d250e0982b03ba47d22d5b573a80bbf4a2e679413f36728c1a585f3c7388ced7311e70a645921a3bdf1bafd8a284c71095198df812c8b8720b7d28ab9d81
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rOY6g1NGc1NGZgIZmoLiJfoLiJ6HpOq0G2c4LczPjC75GL8:uGIIoEKEkqR2pcbOaqd4ujksMOtYSlz
Static task
static1
Behavioral task
behavioral1
Sample
b267d3aa5dc2f4ee7076b9241f3c870d9b126540ab472c5506f55521a4cbcdf6.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
b267d3aa5dc2f4ee7076b9241f3c870d9b126540ab472c5506f55521a4cbcdf6.exe
Resource
win11-20250610-en
Malware Config
Targets
-
-
Target
b267d3aa5dc2f4ee7076b9241f3c870d9b126540ab472c5506f55521a4cbcdf6
-
Size
84KB
-
MD5
26f753afadfecee883c842e4dadf0bf2
-
SHA1
6c674cd738073433dd82b12ee277ea6d6942a029
-
SHA256
b267d3aa5dc2f4ee7076b9241f3c870d9b126540ab472c5506f55521a4cbcdf6
-
SHA512
6058d250e0982b03ba47d22d5b573a80bbf4a2e679413f36728c1a585f3c7388ced7311e70a645921a3bdf1bafd8a284c71095198df812c8b8720b7d28ab9d81
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rOY6g1NGc1NGZgIZmoLiJfoLiJ6HpOq0G2c4LczPjC75GL8:uGIIoEKEkqR2pcbOaqd4ujksMOtYSlz
Score10/10-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5029) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-