meduza | 83807d120841b596969c1743a9fa1836a2ce5fea941f3a627e0dabd7878ce479 | Triage

Submit
Reports

Overview

overview

Static

static

3

executorInstaller.exe

windows11-21h2-x64

Sharing

General

Target

executorInstaller.exe
Size

36.0MB
Sample

250109-y9fs4szpa1
MD5

19a3a6307f17a18ec4a00e00d015372f
SHA1

8a05bc9961583710fd6ac7846e782385c79e07da
SHA256

83807d120841b596969c1743a9fa1836a2ce5fea941f3a627e0dabd7878ce479
SHA512

64e388c1e4c4a175a22e9f52d8cef797933f76830c6c20819b970d1c67c87ee9a5e960278dd1e1bb58fb35e784d3c0dc5d42623e778d6002a07eeac22ea3502f
SSDEEP

196608:EdyKwYFXGdPUD1cdEeok12Tx0B8P8Dd2RJ:YNGCeok1cPdr

Score

10^/10

meduza stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

executorInstaller.exe

Resource

win11-20241007-en

windows11-21h2-x64

7 signatures

900 seconds

Malware Config

Extracted

Family

meduza

C2

45.130.145.152

Attributes

anti_dbg
true
anti_vm
true
build_name
Work
extensions
.txt;.doc;.docx;.pdf;.xls;.xlsx;.log;.db;.sqlite
grabber_max_size
4.194304e+06
port
15666
self_destruct
false

Targets

- Target
  
  executorInstaller.exe
- Size
  
  36.0MB
- MD5
  
  19a3a6307f17a18ec4a00e00d015372f
- SHA1
  
  8a05bc9961583710fd6ac7846e782385c79e07da
- SHA256
  
  83807d120841b596969c1743a9fa1836a2ce5fea941f3a627e0dabd7878ce479
- SHA512
  
  64e388c1e4c4a175a22e9f52d8cef797933f76830c6c20819b970d1c67c87ee9a5e960278dd1e1bb58fb35e784d3c0dc5d42623e778d6002a07eeac22ea3502f
- SSDEEP
  
  196608:EdyKwYFXGdPUD1cdEeok12Tx0B8P8Dd2RJ:YNGCeok1cPdr
Score

10^/10

meduza stealer
- Meduza
  Meduza is a crypto wallet and info stealer written in C++.
  stealer meduza
- Meduza Stealer payload
- Meduza family
  meduza
- Executes dropped EXE
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy