General
Target: launcher.exe
Size: 2.7MB
Sample: 241212-fa3vgs1lfv
MD5: 73befb05ad021fca09d59a1e35089af3
SHA1: 356c7fbdb4cf91e5fcb8bccd5bc92e318b7c5f7a
SHA256: 0e97cf001fc7831411268a2bcc9885f2a9f1c65d36f43df16649db7984d75de6
SHA512: 2eed1205e9eed40d9dc4701a45931cddb6ae407f2ed9777715cfa531166d979ce189dac75ce59bb84d92a873310e96f002abcd5639712808c96135823ab43e30
SSDEEP: 49152:Zrjcv3LpjhCDw1mY5QN7gxTnsa12ijA4J6rDje:b7naFj2
Static task: static1
Behavioral task: behavioral1
Sample: launcher.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: launcher.exe
Resource: win7-20240903-en
Behavioral task: behavioral3
Sample: launcher.exe
Resource: win10v2004-20241007-en
Behavioral task: behavioral4
Sample: launcher.exe
Resource: win10ltsc2021-20241023-en
Malware Config
Extracted
meduza
193.3.19.151
anti_dbg: true
anti_vm: true
build_name: hdont
extensions: .txt
grabber_max_size: 4.194304e+06
port: 15666
self_destruct: false
Targets
Target: launcher.exe
-
Meduza Stealer payload
-
Meduza family
-
Command and Scripting Interpreter: PowerShell
Run PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Downloads MZ/PE file
-