Mercurial_Grabber-cleaned[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Mercurial_Grabber-cleaned.exe
Size

211KB
MD5

1f190ce6a818a72441eb578cc3eedcde
SHA1

b7007c298e0f8c74cb8df516a93550d2f85707a8
SHA256

ae56d28372d9f71c29d4e87f2c620b31f34be64678cbc7b8586f9cd78b876272
SHA512

0eb39dd28b3dc8c05945c62dd661535f1db016bec61669de6da9a5201874a844593159b1cf73d4d778d1d8394bc4a51e7c098903d31c510cffdee2ac06b5329e
SSDEEP

3072:3hH+BJ2jjpkv8/uTHpGpBrcMnwsBKRt6ujAUtS88eN7btqKFtU6orW:3MJiA8Y8Br3nwsEzjAUL8eNHTor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Mercurial_Grabber-cleaned.exe

Files

Mercurial_Grabber-cleaned.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ