Behavioral task
behavioral1
Sample
L0L.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
L0L.exe
Resource
win10v2004-20221111-en
General
-
Target
L0L.exe
-
Size
228KB
-
MD5
30e8c3e24ceadb91b5ac00d2a4dcaa2d
-
SHA1
28f8be4d8388dc31aa7b9b428a52a7df8a491b30
-
SHA256
f7f3029ee8d0e6d79e5b59dfb4c240bfd561be57d8a514dda85b66266bc7a550
-
SHA512
f8bc03db954a47bc431a3279829c7095a7d0414e178309e235127c5cce8f9472c6ae015764d00a7c80cc2c0c4bd3aa88d4b9707dba36b3185722b58074b30f09
-
SSDEEP
6144:xqWi8Q3RGLpEegln1Els6MZwT4xDX2HmrOwV5xwrIS+:xqWi8sRGLpEegR1Els6MZwT4xDX2Hmrb
Malware Config
Extracted
mercurialgrabber
https://discord.com/api/webhooks/1064461413537554452/nv2UJX-AZnzYUZKOQB_EXnrWE8_HmaSCM2V51c586Fm8mKpkA1JIaf-NJ3Ya5vq7xEEv
Signatures
-
Mercurialgrabber family
Files
-
L0L.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 187KB - Virtual size: 187KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ