mercurialgrabber | L0L[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

L0L.exe

windows7-x64

L0L.exe

windows10-2004-x64

Sharing

Static task

static1

mercurialgrabber

1 signatures

Behavioral task

behavioral1

Sample

L0L.exe

Resource

win7-20221111-en

mercurialgrabber evasion spyware stealer

windows7-x64

15 signatures

1800 seconds

Behavioral task

behavioral2

Sample

L0L.exe

Resource

win10v2004-20221111-en

mercurialgrabber evasion spyware stealer

windows10-2004-x64

13 signatures

1800 seconds

General

Target

L0L.exe
Size

228KB
MD5

30e8c3e24ceadb91b5ac00d2a4dcaa2d
SHA1

28f8be4d8388dc31aa7b9b428a52a7df8a491b30
SHA256

f7f3029ee8d0e6d79e5b59dfb4c240bfd561be57d8a514dda85b66266bc7a550
SHA512

f8bc03db954a47bc431a3279829c7095a7d0414e178309e235127c5cce8f9472c6ae015764d00a7c80cc2c0c4bd3aa88d4b9707dba36b3185722b58074b30f09
SSDEEP

6144:xqWi8Q3RGLpEegln1Els6MZwT4xDX2HmrOwV5xwrIS+:xqWi8sRGLpEegR1Els6MZwT4xDX2Hmrb

Score

10^/10

mercurialgrabber

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/1064461413537554452/nv2UJX-AZnzYUZKOQB_EXnrWE8_HmaSCM2V51c586Fm8mKpkA1JIaf-NJ3Ya5vq7xEEv

Signatures

Mercurialgrabber family
mercurialgrabber

Files

L0L.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy