General
Target: 8e2e37cc12ac296d89edf1682fbeb57833a754afa2273cd0b8962a2f1404f343
Size: 169KB
Sample: 250703-f3jbjshq3s
MD5: 69391caabc37269dccd7f18ac52aeccf
SHA1: 091c4184d61ed133b2bfd66844c49a922a069d50
SHA256: 8e2e37cc12ac296d89edf1682fbeb57833a754afa2273cd0b8962a2f1404f343
SHA512: f78313d64efa44b8f181225b59a6d278b9f8341a0418475a2bc661fe93afde4e0dc9a07becb22bed14def8e270f9f1a516e093466cd4ee265cf3d0c034952fba
SSDEEP: 3072:cEKEL2pcbOaM4ujkwl7EKEL2pcbOaM4ujkwl4:92pWQNjlq2pWQNjl4

Static task: static1

Behavioral task: behavioral1
Sample: 8e2e37cc12ac296d89edf1682fbeb57833a754afa2273cd0b8962a2f1404f343.exe
Resource: win10v2004-20250619-en
Malware Config
Targets
Target: 8e2e37cc12ac296d89edf1682fbeb57833a754afa2273cd0b8962a2f1404f343
Score: 10/10

Cosmu family

Detects Cosmu payload
Cosmu is a worm written in C++.

Renames multiple (4985) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.

Executes dropped EXE

Drops file in System32 directory