Behavioral task: behavioral1
Sample: ez panel v1.00.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: ez panel v1.00.exe
Resource: win10v2004-20220812-en
General
- Target: ez panel v1.00.exe
- Size: 190KB
- MD5: 81d63db02fc4340a0a650afcdb4ad52f
- SHA1: d05fde23581b854d545eb999b828972e459c2e2f
- SHA256: 29d15fe37016d36b92515e8fa662e4716fbceb997f8fc4953ccf44f3044751f8
- SHA512: 1649a75be6b827c8c518f2cd56669896e26a3980a8dee93313a537c842ae9449b16c3b3095b14093c45c718513528012e7f86546a3c942f113b7f4749ba99176
- SSDEEP: 1536:2Mhto0LYSTpF7EHZpeDY4nwPcySMh/21z:2H0L9TpF7EHZpeU4wkySMh/
Malware Config
Extracted
mercurialgrabber
https://discord.com/api/webhooks/1047651409690099852/ZgKSrCZ-jJU-Qcge9dQmjydFOs1yONzShLWmXVSPFU8KmQyBM4-4z79eckSacZbvp6dS
Signatures
- Mercurialgrabber family
Files
- ez panel v1.00.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 150KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ