Overview

overview

10

Static

static

3

478eb22a1f...46.exe

windows7-x64

1

478eb22a1f...46.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46.exe

  • Size

    1.8MB

  • Sample

    240629-bla7dszhkk

  • MD5

    1743b9303a76e843907a46c5202b00f3

  • SHA1

    31faff7870a51a57999caf5814622517ba0cb778

  • SHA256

    478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46

  • SHA512

    1393976f517d91a29b1e37c470ac35203f67d6bf1e539308a86cbb752c4d7f165343a2c0485bec4ccc37b4ac6b95927b0a5af182f384bb59d1c4c72768160663

  • SSDEEP

    24576:5UWFBXwhWTtTWITNYeGQEq+3iu8kEPGIyQ+cwa+Djo8+ST2Sjm1vkAyGcjgP:+Y8QD7BHyQ1EUvSaO+9Es

Score
10/10
meduzastealer

Malware Config

Targets

    • Target

      478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46.exe

    • Size

      1.8MB

    • MD5

      1743b9303a76e843907a46c5202b00f3

    • SHA1

      31faff7870a51a57999caf5814622517ba0cb778

    • SHA256

      478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46

    • SHA512

      1393976f517d91a29b1e37c470ac35203f67d6bf1e539308a86cbb752c4d7f165343a2c0485bec4ccc37b4ac6b95927b0a5af182f384bb59d1c4c72768160663

    • SSDEEP

      24576:5UWFBXwhWTtTWITNYeGQEq+3iu8kEPGIyQ+cwa+Djo8+ST2Sjm1vkAyGcjgP:+Y8QD7BHyQ1EUvSaO+9Es

    Score
    10/10
    meduzastealer

    • Meduza

      Meduza is a crypto wallet and info stealer written in C++.

      stealermeduza

    • Meduza Stealer payload

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks