General

  • Target

    2025-05-04_45106b4b7b05acd4d5eb162a09a6aa0b_black-basta_cobalt-strike_satacom

  • Size

    2.2MB

  • Sample

    250504-ty5wmshn8z

  • MD5

    45106b4b7b05acd4d5eb162a09a6aa0b

  • SHA1

    9ebc825efcc36b9cea129aebac9a1f6c1f5ea8db

  • SHA256

    4cd85542985e2335b9c6418857c057277ef260aa7c287f35a12a84b399f8dbf9

  • SHA512

    221ebb6fe1351421812f2833d5ef67487520e32c339e12918f49d9f91ccfb3e7203ab24ba78573bc7af72bcb45fdd83e8cce02b1ba3f7dfe54409e8d7c03c98e

  • SSDEEP

    49152:0o4nOn8huOxcEeWJa4q2Fi/mU5QyrIx6hpfou+7qN8vCMP:t8JhuscEeWJa4q2Fi/f5QFwpfod7vKMP

Score
10/10

Malware Config

Extracted

Family

meduza

Botnet

21

C2

109.107.181.162

Attributes
  • anti_dbg

    true

  • anti_vm

    true

  • build_name

    21

  • extensions

    none

  • grabber_maximum_size

    1048576

  • links

    none

  • port

    15666

  • self_destruct

    true

Targets

    • Meduza

      Meduza is a crypto wallet and info stealer written in C++.

    • Meduza Stealer payload

    • Meduza family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v16

Tasks