Behavioral task
behavioral1
Sample
Virus.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Virus.exe
Resource
win10v2004-20220901-en
General
-
Target
Virus.exe
-
Size
42KB
-
MD5
80db43cd45ea78ea3f1a75417ad77e81
-
SHA1
3ce8978e4db27b6652f9fcdae16e7be8df74b6a4
-
SHA256
63ffc1d007e94fccd4086557660db2c554ce86ceece27b29bcded4ecf6cd5596
-
SHA512
56b889cb56b71a1804cc2a554b53833883ecc88920221dbf63ac5ba0fb4faa8d1f4b2feaf2135c195c9634df3181df35f4a9e5b929a12a1280aab69102356251
-
SSDEEP
768:PiSbhgOpRTs+Ze+uZwLpvTjMLKZKfgm3Ehj+:PtZpRTNZZLpvTYLF7Ex+
Malware Config
Extracted
mercurialgrabber
https://discord.com/api/webhooks/1025859706373296138/RTELJNdCxYhdj6ZzM2cwNuXYgqUFjRz_CmoH5uJORXdkYOcKOXWAB79omPP_FUG0WzNG
Signatures
-
Mercurialgrabber family
Files
-
Virus.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ