General
-
Target
fb1454d4d93e03243d5b4529e65f0580a07e30fb2446fa59efe652eb253adb30
-
Size
4.1MB
-
Sample
240405-cglb8saa52
-
MD5
08c1c75fa8aa4394b1718d8909c8d8d7
-
SHA1
8c1beb916c0610c398ae7d1eaf45954d6b40083a
-
SHA256
fb1454d4d93e03243d5b4529e65f0580a07e30fb2446fa59efe652eb253adb30
-
SHA512
1911e9fa332e0cce6995c64c1fe3b864d76da59b1fe007192d392abf42c94bfebdc6ea4fbe1ed45df6cd9d53beeac14e0c5ffe15189275b456796dadcaed016f
-
SSDEEP
49152:xXmM3+IVJiicn3HpKoQyvf7+OngFhpRelaJMuiGXMUjVqrn6BPVc:KdVjnaK8yZG+6Tc
Static task
static1
Behavioral task
behavioral1
Sample
fb1454d4d93e03243d5b4529e65f0580a07e30fb2446fa59efe652eb253adb30.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
fb1454d4d93e03243d5b4529e65f0580a07e30fb2446fa59efe652eb253adb30.exe
Resource
win11-20240221-en
Malware Config
Extracted
meduza
5.182.86.229
Targets
-
-
Target
fb1454d4d93e03243d5b4529e65f0580a07e30fb2446fa59efe652eb253adb30
-
Score
10/10
-
Meduza Stealer payload
-
Accesses Microsoft Outlook profiles
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-