meduza | 0aeaf8afee14d5be2425ed7826c7895b1c318397ab7f3bb1523a9b62061c1ef8 | Triage

Resubmissions

11-10-2024 07:00

241011-hsnvds1aqa 10

07-08-2024 08:37

240807-kja82syfka 10

07-08-2024 08:30

240807-kd6g1ayemg 10

Sharing

General

Target

0aeaf8afee14d5be2425ed7826c7895b1c318397ab7f3bb1523a9b62061c1ef8
Size

1.1MB
Sample

240807-kd6g1ayemg
MD5

a765bc1136f4df890414e5bb6d916b29
SHA1

dae9c28c1faec5a8c05747fb3586e546a6c5c036
SHA256

0aeaf8afee14d5be2425ed7826c7895b1c318397ab7f3bb1523a9b62061c1ef8
SHA512

85a22d83e606bb3fa73bdb2e59eee7d6d0bf71758cec4dc050e5dab06999a59afdfd2402f127c23c0a8a24168f7b4d7ae9806e10d1f01b092e6d67b8d0f9ca64
SSDEEP

24576:2Sh4+aXWFagPVqs0SkOgsicIHG9Zsef9koA25CIelHPb:3hluLmq3cI0ZZfOot5F0z

Score

10^/10

meduza stealer

Malware Config

Targets

- Target
  
  643dde3f461907a94f145b3cd8fe37dbad63aec85a4e5ed759fe843b9214a8d2
- Size
  
  2.1MB
- MD5
  
  0468a32ad1ed1169e98b897d87f51164
- SHA1
  
  0d9dc54a5f91e6ed7d324c2a65b152a168d57b08
- SHA256
  
  643dde3f461907a94f145b3cd8fe37dbad63aec85a4e5ed759fe843b9214a8d2
- SHA512
  
  7deb90629608f3a227e96d948bbb4c78ad21e1eb659bfdab903d4f25bdb1e6c8af7edec9604274aa745dd90f8253e48fbccf661f2bc2b6609e5b8807645750ca
- SSDEEP
  
  24576:GQZEhAybJ37KtuUZ786qGbAJYhIRKPS0dJDhrI4ufnLVVx90e+7ym:WAC3a78sIRSGVV8V5
Score

10^/10

meduza stealer
- Meduza
  Meduza is a crypto wallet and info stealer written in C++.
  stealer meduza
- Meduza Stealer payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2