Mercurial_Grabber-cleaned[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Mercurial_Grabber-cleaned.exe
Size

211KB
MD5

7e8a9d734d49c89d192b18168ba2ec08
SHA1

06d8c5863a20406b16835efaf1ba81445c419c5e
SHA256

f4b8451d4437b5f101af32afbb0836f519fdd718f4441c8793b8daeb222c634e
SHA512

952616d01b4fe1e85a6dc6e478f7dce3d818e67f6b7be040120500bbad3d2d0136770a83e5b41d754513183740e6d9373010701b9e1b6433ee65c69382bccf67
SSDEEP

6144:kkuyJkrDYZ4GlDSNb0AkgjAUL8eNHjbP2:kkuyJkq4GE3P2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Mercurial_Grabber-cleaned.exe

Files

Mercurial_Grabber-cleaned.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ