Overview

overview

10

Static

static

10

2024-06-24...er.exe

windows7-x64

1

2024-06-24...er.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-06-24_91f04a8a9bd3b68f6b62479eb915af6f_cobalt-strike_medusa-locker

  • Size

    678KB

  • MD5

    91f04a8a9bd3b68f6b62479eb915af6f

  • SHA1

    fb11c2e6eaedf94675b9a606cff07314a6ba2141

  • SHA256

    6612271bac6fcdda5e7081ce6777018fad4bb0f32354cb281387a11c851bcc08

  • SHA512

    7bc3787dcb03149bed5902f3682cfc6afc8eaceaa7c4a9ed4a4ada4b5480bea5f46147732e389fcb3565eaae239f71f3673991fa48ef50cca8ad446e045d7dfb

  • SSDEEP

    12288:+PJ4UhTYQivI2qZ7aSgLwkFVpzUvest4ZEbjJ4ugP:feTYVQ2qZ7aSgLwuVfstRJ4v

Score
10/10
medusalocker

Malware Config

Signatures

  • Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Detects command variations typically used by ransomware 1 IoCs
  • MedusaLocker payload 1 IoCs
  • Medusalocker family
    medusalocker
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-06-24_91f04a8a9bd3b68f6b62479eb915af6f_cobalt-strike_medusa-locker
    .exe windows:6 windows x86 arch:x86


    Headers

    Sections