Extracted

• • Target

    73171634ceb5c5007cf78a6f32d6633590830f39f4e5311a4f323a4d44975ca7

  • Size

    710KB

  • MD5

    a56e3df8626cce4f50fe2aeb701143b9

  • SHA1

    cb2299427c7331e58d7835594bfd457bbb33cdd5

  • SHA256

    73171634ceb5c5007cf78a6f32d6633590830f39f4e5311a4f323a4d44975ca7

  • SHA512

    b77c808a9159e73e5dd06006e262c9bd514c95b835046aed9a8ea32360c8075e81b5def9e9dad4c6e3000e561051362e17e98c77065bf282e1e937ed1947c043

  • SSDEEP

    12288:YdZxe/23RX91E/6dMz4PZoQPYitmenbxaR8TFTmXlLJgog1v8e8:G+8R32wMz4PzMCxa6T4XluR

  Score

  10^/10

  meduzaspywarestealer

  • Meduza

    Meduza is a crypto wallet and info stealer written in C++.

    stealermeduza

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2