General

  • Target

    2392-7-0x0000000140000000-0x0000000140147000-memory.dmp

  • Size

    1.3MB

  • MD5

    b6d4c672d5e6426c9a0bc2970fa51b0a

  • SHA1

    58dc57c2b517e70688e1902a423cb41f48a93e3a

  • SHA256

    a88b91adbc9a19018ff4c8d2b0d59dfb3f762aa8e2ba683a7dc43468b70fa57d

  • SHA512

    87aa2406bacd3462c6a8419a51be8b57fce65e7aa8d3beb0e63e91616a5b896233996e8ac17d4929471f85fc1f8f88ef9a004528a17221e0ecef50b30ff56b3b

  • SSDEEP

    24576:Mipr9m6iIS/QEC446VNdbO9UmqDZ+RxQI3Nt5Q4s+h0lhSMXlHG0yzp:ndE6iIS/8446VNeVI+RxQI9nUrW0

Score
10/10

Malware Config

Extracted

Family

meduza

C2

176.124.204.206

Attributes
  • anti_dbg

    true

  • anti_vm

    true

  • build_name

    mob2

  • extensions

    .txt

  • grabber_max_size

    4.194304e+06

  • port

    15666

  • self_destruct

    false

Signatures

  • Meduza Stealer payload (1 IoC)
  • Meduza family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2392-7-0x0000000140000000-0x0000000140147000-memory.dmp
    .exe windows:6 windows x64 arch:x64

