Extracted

• • Target

    Solara.exe

  • Size

    1.4MB

  • MD5

    8c6298202dd74e77b238f50a26a07233

  • SHA1

    6d71bb75a517e873a16398330dcda437cde26e6d

  • SHA256

    7cc4643e4b4a49820cb461ef005e129363c3336b9d28dde1aa397b7118f709f0

  • SHA512

    7856dee0adb985ef521e2c7ff7a1ffeb9b39f18743e2c18ad9cd3f6f9b87a70a1f9fde108492b8362b67910e82c9c18be57af65f8f2c5d90ed5494873ede96b1

  • SSDEEP

    24576:j6F4Df9Gpethg/Md+54x8C2p1ywbxpPzgXSX+O0b33fzEhsx7wHJL08b1YLl5wmr:j6FKf9Gwhg/++W6bp1rbxpPzJLu38sxl

  Score

  10^/10

  meduzastealer

  • Meduza

    Meduza is a crypto wallet and info stealer written in C++.

    stealermeduza

  • Meduza Stealer payload

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2