General
Target
3baa03b480aa7fd270d3db3cc5b51d6295c2a6a0a3d1cdde77188bf5b4ff044b
Size
6.4MB
Sample
250703-f3ch1avls9
MD5
1c19e274766ddc89f3ee950ef873f5d9
SHA1
13efc32c7a4a3114ce1c296f6fe0ff39146f9406
SHA256
3baa03b480aa7fd270d3db3cc5b51d6295c2a6a0a3d1cdde77188bf5b4ff044b
SHA512
7d46777eb9428f7693d1df723c91891eddeb13af282d571f67abc20bafbcbeb835ec58a38d8f062cee70bef349ff2ff4f10c66308e03a705e1c46f64f156eaed
SSDEEP
49152:Y555sNN6DZbxamg5cC05tlkQhiXSZ9QG2a2DcdiX245l72dLQztriFmqc2kXYnro:A5AEoRWtW0gQJmYQ08+BWo2QY3Pj7
Static task
static1
Behavioral task
behavioral1
Sample
3baa03b480aa7fd270d3db3cc5b51d6295c2a6a0a3d1cdde77188bf5b4ff044b.exe
Resource
win10v2004-20250610-en
Behavioral task
behavioral2
Sample
3baa03b480aa7fd270d3db3cc5b51d6295c2a6a0a3d1cdde77188bf5b4ff044b.exe
Resource
win11-20250619-en
Malware Config
Targets
Target
3baa03b480aa7fd270d3db3cc5b51d6295c2a6a0a3d1cdde77188bf5b4ff044b
Score 10/10
Cosmu family
Detects Cosmu payload
Cosmu is a worm written in C++.
Renames multiple (417) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.