General

  • Target

    433ba76b16991acad4c04c4b90b84660454cbd26892de5fc93fa9c379c2559c7

  • Size

    20KB

  • Sample

    250703-f8krkavlx6

  • MD5

    0b56482e76bc589939b1556b4b3cd020

  • SHA1

    aeda9a8d275a57cc74ada41988ae1b12400a4205

  • SHA256

    433ba76b16991acad4c04c4b90b84660454cbd26892de5fc93fa9c379c2559c7

  • SHA512

    2321d5960b8c7cbf94a2c6eee44fab50cd582030b337aa1528f11444237e9680228c62a64e7237551323e046f21df460f86ae86da82ff54ad8fe93469eccafd9

  • SSDEEP

    384:hAg+5OCZ4W6/KWLm8Q8NMeFoxVR6oxV8oxVR6oxVTR6FlLR6Flq:uZ4FLm8Q8Boxn6oxSoxn6ox1YFlLYFlq

Targets

    • Cosmu

      Cosmu is a Windows worm written in C++.

    • Cosmu family

    • Detects Cosmu payload

      Cosmu is a worm written in C++.

    • Renames multiple (5203) files with added filename extension

      This suggests ransomware activity, i.e. encryption of all the files on the system.
