General
-
Target
31e5de354b79269d1292d313370904b8d6ac58c82646744d5e122cb32cf11c5b
-
Size
50KB
-
Sample
250703-f1gpyavk15
-
MD5
3c5289ce7e02a4476dad1198ecbd8487
-
SHA1
050d50c336c79eb4979526a038561ded3bf2606f
-
SHA256
31e5de354b79269d1292d313370904b8d6ac58c82646744d5e122cb32cf11c5b
-
SHA512
eeb35a55baf76d4395d3c7a035ae331db268be27e4c03cbc2e30c390e4a51f6295d37dacee091da86d0565a0b079e1f8153e2504c2d7af4747a098b94a07321b
-
SSDEEP
768:uZ4FLz8ae+rOn8ae+rOY6g1NGc1NGZgIZmoLiJfoLiJ6HpOqAZkZzX:uGIIoEKEkqqGzX
Static task
static1
Behavioral task
behavioral1
Sample
31e5de354b79269d1292d313370904b8d6ac58c82646744d5e122cb32cf11c5b.exe
Resource
win10v2004-20250502-en
Behavioral task
behavioral2
Sample
31e5de354b79269d1292d313370904b8d6ac58c82646744d5e122cb32cf11c5b.exe
Resource
win11-20250619-en
Malware Config
Targets
-
-
Target
31e5de354b79269d1292d313370904b8d6ac58c82646744d5e122cb32cf11c5b
Score 10/10
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5197) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-