General
-
Target
https://github.com/hugodq/Wave-executor
-
Sample
241119-gwy9vs1lev
Score
10/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://github.com/hugodq/Wave-executor
Resource
win10v2004-20241007-en
windows10-2004-x64
18 signatures
150 seconds
Malware Config
Extracted
Family
meduza
C2
109.107.181.162
Attributes
-
anti_dbg
true
-
anti_vm
true
-
build_name
6
-
extensions
none
-
grabber_max_size
1.048576e+06
-
links
none
-
port
15666
-
self_destruct
true
Targets
-
-
Target
https://github.com/hugodq/Wave-executor
Score10/10-
Meduza Stealer payload
-
Meduza family
-
Accesses Microsoft Outlook profiles
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-