General
-
Target
2024-06-13_6ada2de2e067c5e7128f1ac950035e6d_cobalt-strike_medusa-locker
-
Size
669KB
-
MD5
6ada2de2e067c5e7128f1ac950035e6d
-
SHA1
1c5ad39a7d2ee8a65ab3b1c9daf6f8af9658cd41
-
SHA256
3759cf4c50d72baeed4415c9d5ac798d6a663e85dc85031cf207d4aa57130655
-
SHA512
0e13d5e5ce056b320298d223c3da01b0663a8ea66bd8c863cc2afc8a43f3c037b46d3918dc2a72ed3f793c0c0f74c037ed021ae984ec725d1c9546a341597802
-
SSDEEP
12288:TQA0FfTcwpBuV2UxqDmuiLZeUaoFi2XZWfGe615HhAZV8DnI:9uf4wTuV2Ux3uIZeUBi2Te6HWmI
Score
10/10
Malware Config
Signatures
-
Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
-
Detects command variations typically used by ransomware 1 IoCs
-
MedusaLocker payload 1 IoCs
-
Medusalocker family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2024-06-13_6ada2de2e067c5e7128f1ac950035e6d_cobalt-strike_medusa-locker
Headers
Sections