General

  • Target

    62603db5e697b8b38513a53c61d94f7e00cca8e93f3dd2f4313ebd6284d7cfe6

  • Size

    84KB

  • Sample

    250703-f1gpyavk13

  • MD5

    14924b8e339c759db8c919d77f138810

  • SHA1

    2322a897c2a279223fa31dbedcb6def16b9c2f3c

  • SHA256

    62603db5e697b8b38513a53c61d94f7e00cca8e93f3dd2f4313ebd6284d7cfe6

  • SHA512

    9f7bcbb786cab04b56005737ffad5944aeba5b2cb25b06876db8ed70f033690c46d4f6d5575358396c16214ad1e99096840b8f225f42bfa852d25a069f21c06c

  • SSDEEP

    768:uZ4FLz8ae+rOn8ae+rOY6g1NGc1NGZgIZmoLiJfoLiJ6HpOq0G2c4LczPjC75GLZ:uGIIoEKEkqR2pcbOaqd4ujksMOtYSlm

Targets

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5042) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.
