General
-
Target
tmp
-
Size
5.5MB
-
Sample
240419-tgc5asge46
-
MD5
e659b6b749fca9d7e3f180d4ab7ab9e7
-
SHA1
0b1e82833c266eed2d2674360eb2a99c7abab798
-
SHA256
a162e0a322aaa6aa33b9f612d1c4821e53c1ecb6f1eacea332c6a00fd5ceec6f
-
SHA512
ccaff427db8a1c8914840b80da5d08fc3c31be6f88e09666d0245e41e8090ac4ebb46172b0ed1c6fa54ea86251874ca2345370c8ea9e3750ab32890a257ed38f
-
SSDEEP
98304:8tt1lBiCkK4x/kWVVjMZQf5bhDvnuTtCOPjqDb9teNYWcWQ38UfxE/wzEP7Svg:8tt1lBi/K4x/kuVjMs5bhDctCOru9teb
Static task
static1
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
meduza
109.107.181.83
Targets
-
-
Target
tmp
-
Score
10/10
-
Detect ZGRat V1
-
Meduza Stealer payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-