General

  • Target: Gerador.zip
  • Size: 18KB
  • MD5: 2054de7c18d981858987e6f7e64fd808
  • SHA1: ace760b85ad37fa12a3e65f3bfb0529362537bcf
  • SHA256: 7bf8b31e20e0d651fc7ec648cde247ee0a5319c3ce80ddfa99e018dc784306f5
  • SHA512: c805d8b4f595e7fea85705908d0147ab7e774a9eecc6d35e3185b651884cfd8120941b97798b8969bffd3e41acc95b5a8357c3aed67b293a6f3355913ad053d4
  • SSDEEP: 384:bP4wU+ZyKsaCC+RU9jDDrkpLHAwFM3VOQswQflX:L4j+oxauUVDr8AwCVP7kX

Score
10/10

Malware Config

Extracted

  • Family: mercurialgrabber
  • C2: https://discordapp.com/api/webhooks/1137732376970141788/BSr_PjmFVxqp7BblluwN-skaCKmhCEBuP-YwdA2hmT3jW_c5O5Bp1veikMRnN19SZlMv

Signatures

  • Mercurialgrabber family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Gerador.zip (.zip)
  • Gerador.exe (.exe, windows x86), MD5: f34d5f2d4577ed6d9ceec516c1f5a744