General

  • Target: Gerador.zip
  • Size: 18KB
  • Sample: 230811-2qb8cshb55
  • MD5: 2054de7c18d981858987e6f7e64fd808
  • SHA1: ace760b85ad37fa12a3e65f3bfb0529362537bcf
  • SHA256: 7bf8b31e20e0d651fc7ec648cde247ee0a5319c3ce80ddfa99e018dc784306f5
  • SHA512: c805d8b4f595e7fea85705908d0147ab7e774a9eecc6d35e3185b651884cfd8120941b97798b8969bffd3e41acc95b5a8357c3aed67b293a6f3355913ad053d4
  • SSDEEP: 384:bP4wU+ZyKsaCC+RU9jDDrkpLHAwFM3VOQswQflX:L4j+oxauUVDr8AwCVP7kX

Malware Config

Extracted

  • Family: mercurialgrabber
  • C2: https://discordapp.com/api/webhooks/1137732376970141788/BSr_PjmFVxqp7BblluwN-skaCKmhCEBuP-YwdA2hmT3jW_c5O5Bp1veikMRnN19SZlMv

Targets

    • Target: Gerador.exe
    • Size: 42KB
    • MD5: d0a24bb969b934df373005ad1d86847c
    • SHA1: d406e4e0ace784c125a8e106ccbb03051916c63e
    • SHA256: dfd07784906232802c3afda354ebd445b186db25eed65e4c3612d4a4a5beefc7
    • SHA512: b11bd5da81fe63beccd2ddc8a55d2593d43eba5a7d085b6d7cfb2e2f7143d4d72cfb61852ddc6600bd9c691d1278ee5fed55a8e2db776f99c6f9d43a6686a00f
    • SSDEEP: 768:WmSPdxCGP4Q7YB8uZPLmRTjNKZKfgm3EhbSw:WDx8BNLmRTBF7EtN

    • Mercurial Grabber Stealer

      Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile information.

MITRE ATT&CK Enterprise v15
