General
Target: 2025-05-04_45106b4b7b05acd4d5eb162a09a6aa0b_black-basta_cobalt-strike_satacom
Size: 2.2MB
Sample: 250504-ty5wmshn8z
MD5: 45106b4b7b05acd4d5eb162a09a6aa0b
SHA1: 9ebc825efcc36b9cea129aebac9a1f6c1f5ea8db
SHA256: 4cd85542985e2335b9c6418857c057277ef260aa7c287f35a12a84b399f8dbf9
SHA512: 221ebb6fe1351421812f2833d5ef67487520e32c339e12918f49d9f91ccfb3e7203ab24ba78573bc7af72bcb45fdd83e8cce02b1ba3f7dfe54409e8d7c03c98e
SSDEEP: 49152:0o4nOn8huOxcEeWJa4q2Fi/mU5QyrIx6hpfou+7qN8vCMP:t8JhuscEeWJa4q2Fi/f5QFwpfod7vKMP
Static task: static1
Malware Config
Extracted
meduza
21
109.107.181.162
anti_dbg: true
anti_vm: true
build_name: 21
extensions: none
grabber_maximum_size: 1048576
links: none
port: 15666
self_destruct: true
Targets
Meduza Stealer payload
Meduza family
Checks computer location settings
Looks up country code configured in the registry, likely geofence.