General

  • Target: meduza_1.zip
  • Size: 497KB
  • MD5: f409b728c213e064a7650dbe1ee01b6d
  • SHA1: 1082206f8081194495fb85148f1a48b8ed253a83
  • SHA256: 430854314514a8b8fde7be91dc96f8634da20cf3bde9ccb906639349f9a6117a
  • SHA512: b7b830a5a8ee1c966623e98a910bb27f66d92e7075a9a8db309716ab354afe958bffaa256881f0921a04d5896c6cb2f8c9b98bb2cd6dea3716c372c60dc2e346
  • SSDEEP: 12288:qgjJTh6db2FBTLKTWXCfgwF/bocXoU6Cae:qCTQb27TOWSfgwF/bN4Ux

Score
10/10

Malware Config

Extracted

Family

meduza

C2

109.107.181.162

Attributes

  • anti_dbg: true
  • anti_vm: true
  • build_name: 565
  • extensions: none
  • grabber_max_size: 1.048576e+06
  • links: none
  • port: 15666
  • self_destruct: true

Signatures

  • Meduza Stealer payload 1 IoCs
  • Meduza family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • meduza_1.zip (.zip)
  • meduza_1.bin (.exe windows:6 windows x64 arch:x64)
    807eb81070e31b6f9cabdbf275ed06f5
