General

  • Target

    Image Logger V2.bin.zip

  • Size

    17KB

  • Sample

    220624-dbf11abhg5

  • MD5

    a2fa6184867c8b54c84c19dc8bd6113e

  • SHA1

    afb54799ba4c13783f0a00ccbd5de53bbcababc5

  • SHA256

    e97854bcfa18853ca11d240954dff64318faf291b51c0582f4638f197d144a38

  • SHA512

    3165f76f2cf597c3597e9cf23b61fcddb909291404206b04d1c2d3945acc26dbcd322c2237707a3dab768ea9694fb9088d64dcd914fb0643b5efe99a7f8689be

Malware Config

Extracted

  • Family

    mercurialgrabber

  • C2

    https://ptb.discord.com/api/webhooks/984014031352365097/EbJO0e79UnIUScbkUE87492jHrMbUneT57OzZVNjyUMcI8xHlpKR1JM6XpOq96O32Gjg

Targets

    • Target

      Image Logger V2.bin

    • Size

      41KB

    • MD5

      bbef99ccaed3592b32c1c4c25fd2b19d

    • SHA1

      97417ef9d2caaa09be31bf4381a66872e411e20e

    • SHA256

      bb1f6d97c53b075930452c780c1e4e5eecb3f03d3cd91261cab7d275ceecceb5

    • SHA512

      db553003a80134eb22484d0e2b980110b4c0bff13643af58daaf12b4b5bff4c364c1bce735214c172433ed69ee71234f7e64af05a26d79762078fecf1b51cf6c

    • Mercurial Grabber Stealer

      Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information. It exfiltrates what it collects by posting to a Discord webhook, which is why the extracted C2 above is a webhook URL rather than an attacker-operated host.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved logins, cookies and session tokens.

    • Legitimate hosting services abused for malware hosting/C2

      The extracted C2 is a webhook on ptb.discord.com, so exfiltration is ordinary HTTPS traffic to a Discord domain. The webhook URL itself is the secret: anyone holding it can post to, inspect or delete the webhook, so treat it as an indicator to report rather than a string to publish widely.
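The two signatures above come down to one artefact: a Discord webhook URL embedded in the sample. The following is an added example, not code from the Mercurial Grabber project or from the sandbox that produced this report. It pulls webhook URLs out of a byte blob (the output of `strings` on the unpacked binary would be the realistic input; the blob here is constructed and embeds the C2 from the report plus filler) and decodes the creation time from the webhook ID, which is a Discord snowflake. The names WebhookHit, extract_discord_webhooks, snowflake_to_datetime and redact are this example's own.

```python
"""Extract Discord webhook C2 URLs from a binary blob and triage them.

Added example; not the stealer's code and not the sandbox's extractor.
"""
import re
from dataclasses import dataclass
from datetime import datetime, timezone

# Discord snowflakes store milliseconds since 2015-01-01T00:00:00Z in the
# top 42 bits; the low 22 bits hold worker, process and sequence counters.
DISCORD_EPOCH_MS = 1420070400000

# Webhook URLs on any Discord front end: stable, ptb, canary and the legacy
# discordapp.com host. Group 1: host, group 2: webhook ID, group 3: token.
WEBHOOK_RE = re.compile(
    rb"https?://((?:ptb\.|canary\.)?discord(?:app)?\.com)"
    rb"/api/webhooks/(\d{17,20})/([A-Za-z0-9_-]{50,})"
)


@dataclass(frozen=True)
class WebhookHit:
    host: str
    webhook_id: int
    token: str
    created_at: datetime  # decoded from the snowflake ID
    offset: int           # byte offset of the URL in the scanned blob


def snowflake_to_datetime(snowflake: int) -> datetime:
    """Decode the creation timestamp embedded in a Discord snowflake."""
    ms = (snowflake >> 22) + DISCORD_EPOCH_MS
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)


def extract_discord_webhooks(data: bytes) -> list[WebhookHit]:
    """Return every Discord webhook URL found in data, oldest offset first."""
    hits = []
    for m in WEBHOOK_RE.finditer(data):
        webhook_id = int(m.group(2))
        hits.append(WebhookHit(
            host=m.group(1).decode(),
            webhook_id=webhook_id,
            token=m.group(3).decode(),
            created_at=snowflake_to_datetime(webhook_id),
            offset=m.start(),
        ))
    return hits


def redact(hit: WebhookHit) -> str:
    """Render a hit for a report without reproducing the full token.

    The token is what authenticates posts to the webhook, so a report
    should carry the ID and creation time, not the secret itself.
    """
    return (f"{hit.host} webhook {hit.webhook_id} "
            f"token {hit.token[:6]}... created {hit.created_at:%Y-%m-%d %H:%M:%SZ}")


# Constructed stand-in for `strings` output on the sample: the C2 from the
# report surrounded by plausible .NET filler and a non-webhook Discord URL.
SAMPLE_STRINGS = (
    b"\x00\x00mscoree.dll\x00System.Net.Http\x00"
    b"https://ptb.discord.com/api/webhooks/984014031352365097/"
    b"EbJO0e79UnIUScbkUE87492jHrMbUneT57OzZVNjyUMcI8xHlpKR1JM6XpOq96O32Gjg\x00"
    b"Login Data\x00Local State\x00https://discord.com/api/v9/users/@me\x00"
)

if __name__ == "__main__":
    for hit in extract_discord_webhooks(SAMPLE_STRINGS):
        print(redact(hit))
```

Run against the constructed blob it reports one hit on ptb.discord.com, webhook 984014031352365097, created 2022-06-08 (about two weeks before this sample's submission date in the sample ID), and ignores the `/api/v9/users/@me` string, which is an API endpoint the stealer would call rather than a webhook. The creation time is a useful pivot: webhooks are cheap, so a very recent creation date on a freshly observed sample usually means a dedicated webhook rather than a reused one.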

MITRE ATT&CK Matrix (ATT&CK v6)

The number after each technique is the count of signatures that hit it. Technique IDs are from ATT&CK v6; in current ATT&CK, T1081 Credentials in Files has been folded into T1552.001 Unsecured Credentials: Credentials In Files, so map it before feeding these into a detection backlog.

Credential Access

  • Credentials in Files (T1081): 1

Discovery

  • Query Registry (T1012): 2
  • Peripheral Device Discovery (T1120): 1
  • System Information Discovery (T1082): 2
  • Process Discovery (T1057): 1

Collection

  • Data from Local System (T1005): 1

Command and Control

  • Web Service (T1102): 1
