meduza | 478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46 | Triage

Sharing

General

Target

478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46.exe
Size

1.8MB
Sample

240629-bla7dszhkk
MD5

1743b9303a76e843907a46c5202b00f3
SHA1

31faff7870a51a57999caf5814622517ba0cb778
SHA256

478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46
SHA512

1393976f517d91a29b1e37c470ac35203f67d6bf1e539308a86cbb752c4d7f165343a2c0485bec4ccc37b4ac6b95927b0a5af182f384bb59d1c4c72768160663
SSDEEP

24576:5UWFBXwhWTtTWITNYeGQEq+3iu8kEPGIyQ+cwa+Djo8+ST2Sjm1vkAyGcjgP:+Y8QD7BHyQ1EUvSaO+9Es

Score

10^/10

meduza stealer

Malware Config

Targets

- Target
  
  478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46.exe
- Size
  
  1.8MB
- MD5
  
  1743b9303a76e843907a46c5202b00f3
- SHA1
  
  31faff7870a51a57999caf5814622517ba0cb778
- SHA256
  
  478eb22a1f1be2ef6e70625cf42ca61c716389135acbb705c0e21f0cf330bf46
- SHA512
  
  1393976f517d91a29b1e37c470ac35203f67d6bf1e539308a86cbb752c4d7f165343a2c0485bec4ccc37b4ac6b95927b0a5af182f384bb59d1c4c72768160663
- SSDEEP
  
  24576:5UWFBXwhWTtTWITNYeGQEq+3iu8kEPGIyQ+cwa+Djo8+ST2Sjm1vkAyGcjgP:+Y8QD7BHyQ1EUvSaO+9Es
Score

10^/10

meduza stealer
- Meduza
  Meduza is a crypto wallet and info stealer written in C++.
  stealer meduza
- Meduza Stealer payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2