General

  • Target

    zoozy'spaid.exe

  • Size

    42KB

  • MD5

    b7070d641f8c3a615202f07a8084ceed

  • SHA1

    784c84ab5abb259128ea8f1ee18d20178408a037

  • SHA256

    4cf15b2dcc0d3eaad25d909168b97921a4b2f472bfb6b33a944069d860893bc5

  • SHA512

    3f8895d4e018e5173fb28415f5de062c85e871f9046cdb825955ec77cd48c6656bf0af8ee06e7c0792bb424a172c800d2a5316f03da28f4b905a242d08403f91

  • SSDEEP

    768:vn3gSmM4lMmkpb9mpFuZ4Lz7TjsJKZKfgm3EhQ/:vn3aMAibIpHLz7TEF7Ei/

Score
10/10

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/1117245591584505976/dtCy_iynlngDI62qzyuaRzxCISq6spQZAnlU7oyabyVRxbeLdX2HJl_Bm3MDsLVxRq0R

Signatures

  • Mercurialgrabber family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
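As an added example (not part of the sandbox report and not the sandbox's own code), the following Python script ties together the three checks a practitioner would run on a local copy of this sample: recomputing the digests listed under General, replicating the "Unsigned PE" signature by reading the PE optional header's security data directory (index 4, IMAGE_DIRECTORY_ENTRY_SECURITY, which points at the WIN_CERTIFICATE blob of an Authenticode-signed file), and scanning raw bytes for Discord webhook URLs of the shape shown as the extracted C2. The minimal PE built by build_min_pe and the webhook id/token used in the usage are constructed test inputs, not data from the sample; the regex's canary/ptb/discordapp hostnames are an assumption about other webhook hostnames beyond the discord.com one the report shows.

```python
import hashlib
import re
import struct

# Hashes listed in the report above, used to confirm that a local copy of
# the sample is the same file the sandbox analysed.
REPORTED_HASHES = {
    "md5": "b7070d641f8c3a615202f07a8084ceed",
    "sha1": "784c84ab5abb259128ea8f1ee18d20178408a037",
    "sha256": "4cf15b2dcc0d3eaad25d909168b97921a4b2f472bfb6b33a944069d860893bc5",
    "sha512": "3f8895d4e018e5173fb28415f5de062c85e871f9046cdb825955ec77cd48c6656bf0af8ee06e7c0792bb424a172c800d2a5316f03da28f4b905a242d08403f91",
}

# Discord webhook URL shape as it appears in the extracted C2 above: numeric
# id, then token. The canary/ptb/discordapp hostnames are an assumption.
WEBHOOK_RE = re.compile(
    rb"https://(?:canary\.|ptb\.)?discord(?:app)?\.com/api/webhooks/(\d+)/([A-Za-z0-9_\-]+)"
)


def file_hashes(data: bytes) -> dict:
    """Compute the same four digests the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORTED_HASHES}


def matches_report(data: bytes) -> bool:
    """True only if every digest matches the reported sample."""
    return file_hashes(data) == REPORTED_HASHES


def has_authenticode_signature(data: bytes) -> bool:
    """Replicate the 'Unsigned PE' check: a signed PE carries a non-empty
    security data directory entry (index 4). An empty entry means there is no
    Authenticode signature; this does not validate any certificate chain."""
    if data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    opt = e_lfanew + 4 + 20            # optional header follows the 20-byte COFF header
    (magic,) = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:                 # PE32: data directories start at offset 96
        dirs = opt + 96
    elif magic == 0x20B:               # PE32+: data directories start at offset 112
        dirs = opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    (num_dirs,) = struct.unpack_from("<I", data, dirs - 4)   # NumberOfRvaAndSizes
    if num_dirs <= 4:                  # security entry not present at all
        return False
    rva, size = struct.unpack_from("<II", data, dirs + 4 * 8)
    return rva != 0 and size != 0


def find_webhooks(data: bytes) -> list:
    """Return (webhook_id, token) pairs found anywhere in the raw bytes."""
    return [(m.group(1).decode(), m.group(2).decode()) for m in WEBHOOK_RE.finditer(data)]


def build_min_pe(signed: bool) -> bytes:
    """Constructed test input (not the real sample): a minimal PE32 header with
    16 data directories, with or without a security directory entry."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)              # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x0102)     # i386, 224-byte optional header
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
    dirs = [(0, 0)] * 16
    if signed:
        dirs[4] = (0x1000, 0x200)      # placeholder RVA/size for the certificate table
    opt += b"".join(struct.pack("<II", r, s) for r, s in dirs)
    return dos + b"PE\0\0" + coff + opt


def triage(data: bytes) -> dict:
    """Run all three checks on one byte string."""
    return {
        "matches_report": matches_report(data),
        "signed": has_authenticode_signature(data),
        "webhooks": find_webhooks(data),
    }


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:
        # Constructed demo input: unsigned minimal PE with an embedded placeholder webhook.
        blob = build_min_pe(False) + b"\0https://discord.com/api/webhooks/123456789012345678/AbC-dEf_123\0"
    print(triage(blob))
```

Run it as `python triage_check.py <path-to-sample>` on an isolated analysis host; a False for matches_report means the local file is not the reported one, and any webhook hit is a direct candidate for blocking at the proxy and for a Discord abuse report.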

Files

  • zoozy'spaid.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744
