General

  • Target

    FNMods By dzekonunkramponu_1907.exe

  • Size

    41KB

  • MD5

    2476c03ed785f2e8d6f650166b8bc8a2

  • SHA1

    6204bb5ea7a1be798fc96282ef8addfc28448a08

  • SHA256

    1e55f962f30eed4176308e40c93919ab29009b5fafe60f3dd4c9f4555a3602c3

  • SHA512

    89aca4571c8791f6fbb05faec947789ad33acfd72f03eaee8c452f8dd597bdfcd7080d7ecc35a9522920a20209d29922f79f7b17262598278edcab2cc669d395

  • SSDEEP

    768:evscaIyI8SPuHKwnuZCeiWTjzKZKfgm3Ehxl:Zc1++OZeiWTPF7E/l

Score
10/10

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/1122463751438872596/e_mrqsTymmDv97OA5__A-io6FrMPIUzm2y3P2O1YYqxy7SHhq_IXwnW1DfphiCgwtS26

Signatures

  • Mercurialgrabber family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • FNMods By dzekonunkramponu_1907.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

