meduza | 47310c56561c49371d9365b765792aacb7613c8ad566e3f6aec43aa8517e041f | Triage

Submit
Reports

Overview

overview

Static

static

3

qr-code.png

windows10-ltsc 2021-x64

Resubmissions

20/02/2025, 10:26

250220-mgk2kssrbl 9

20/02/2025, 10:13

250220-l868fssmds 8

20/02/2025, 09:48

250220-ls8rcasjaw 10

20/02/2025, 09:41

250220-lnzymsskgn 10

Sharing

General

Target

qr-code.png
Size

21KB
Sample

250220-ls8rcasjaw
MD5

48405ae35cd148c57494edc4bac3d387
SHA1

8032d3501fcecd4cd50259d24835ca6bc2996164
SHA256

47310c56561c49371d9365b765792aacb7613c8ad566e3f6aec43aa8517e041f
SHA512

928ff81abf044e238cfc21b06b543673baa2198ef852bc20a7fbf58aacfa3df16c4458632714f308a4841070a6478f20f737cb65c1cef423d83ef287c657e670
SSDEEP

48:sQGcxn8CTL6QT0KNHcRtWSt5SmVjCuqJXkYQEB11ov5N:HLnFL6QTZNHQWRmVjck/21S5N

Score

10^/10

meduza defense_evasion discovery link qr stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

qr-code.png

Resource

win10ltsc2021-20250217-en

meduza defense_evasion discovery stealer trojan

windows10-ltsc 2021-x64

26 signatures

300 seconds

Malware Config

Targets

- Target
  
  qr-code.png
- Size
  
  21KB
- MD5
  
  48405ae35cd148c57494edc4bac3d387
- SHA1
  
  8032d3501fcecd4cd50259d24835ca6bc2996164
- SHA256
  
  47310c56561c49371d9365b765792aacb7613c8ad566e3f6aec43aa8517e041f
- SHA512
  
  928ff81abf044e238cfc21b06b543673baa2198ef852bc20a7fbf58aacfa3df16c4458632714f308a4841070a6478f20f737cb65c1cef423d83ef287c657e670
- SSDEEP
  
  48:sQGcxn8CTL6QT0KNHcRtWSt5SmVjCuqJXkYQEB11ov5N:HLnFL6QTZNHQWRmVjck/21S5N
Score

10^/10

meduza defense_evasion discovery stealer trojan
- Meduza
  Meduza is a crypto wallet and info stealer written in C++.
  stealer meduza
- Meduza Stealer payload
- Meduza family
  meduza
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  defense_evasion trojan
- Legitimate hosting services abused for malware hosting/C2
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Network Share Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

meduzadefense_evasiondiscoverystealertrojan

© 2018-2025

Terms | Privacy