General
-
Target
5cb62a4bb0335163c6433c8e8133bebc29d4ce3a3ae33e61e3e8f1cff499dc58
-
Size
91KB
-
Sample
250703-f1jvasvk18
-
MD5
57af631261f40e14ac3a1dc60efac9dc
-
SHA1
456d6430cfd0a08fc4202152183acefb0cd88034
-
SHA256
5cb62a4bb0335163c6433c8e8133bebc29d4ce3a3ae33e61e3e8f1cff499dc58
-
SHA512
18ed94eafc3a71cbf0389d899064abea02aa4a08588b577b3ea2478e13fe357ea0aa9dc8669d5f46e476c356312bc4bfde7e834c06b0a53d8220d1d3c96ad64a
-
SSDEEP
1536:s7ZppApdIIoEKEkqR2pcbOaqd4ujksMOtYSlN:spWp6EKEL2pcbOaM4ujkwlN
Behavioral task
behavioral1
Sample
5cb62a4bb0335163c6433c8e8133bebc29d4ce3a3ae33e61e3e8f1cff499dc58.exe
Resource
win10v2004-20250619-en
Behavioral task
behavioral2
Sample
5cb62a4bb0335163c6433c8e8133bebc29d4ce3a3ae33e61e3e8f1cff499dc58.exe
Resource
win11-20250619-en
Malware Config
Targets
-
-
Target
5cb62a4bb0335163c6433c8e8133bebc29d4ce3a3ae33e61e3e8f1cff499dc58
Score
10/10
-
Cosmu family
-
Detects Cosmu payload
Cosmu is a worm written in C++.
-
Renames multiple (5012) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-