General

  • Target

    Gui.exe

  • Size

    42KB

  • MD5

    a5639d9fba8eb4eef2f77df909dc2c42

  • SHA1

    85c7a13c66017f9fd0298e992387fe3af52f671f

  • SHA256

    dd5b2a55930e52f30ac8dbac1db74dc9466023b882e83255cf933a21d5cb7e74

  • SHA512

    61ed7402064d357242d8f80aea2cc1ed33b2c92873b27f9d277ba25f7b7ebf78884c5054a90a5bf9dd9ceccb79b53685f81b1b21e7d818bcecf52aa2f3481dd3

  • SSDEEP

    384:vTiFRrI2KMxYr9LFD25s/XTNTWvs/XZxIh/goJEFq5nmjzTAsZKQsLd/SfgUfAGL:PPS5s/jNmuZaLezTjZKZKfgm3EhP+

Score
10/10

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/1140188713171828796/EdO0GFeboLY07OTk5287z6T5rsIIYIe6-vLDVXCqp-TT-g7bKeUkWn3LAxRwDEs8EqAs
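The C2 above is a Discord webhook: the first path component is the webhook's snowflake id (public, and it encodes the webhook's creation time), the second is the bearer token that lets the stealer POST exfiltrated data. The following is an added example (not the sandbox's extractor and not code from the Mercurial Grabber project) of how such a config value is pulled out of a sample during triage. It scans raw bytes for webhook URLs stored as ASCII or UTF-16LE strings (stealers built on .NET keep string literals UTF-16LE) and decodes the creation time from the id. The sample blob and its id/token are constructed placeholders, not the page's IoC.

```python
import re
from datetime import datetime, timezone

DISCORD_EPOCH_MS = 1420070400000  # Discord snowflake epoch: 2015-01-01T00:00:00Z

# Webhook URL shape: /api/webhooks/<snowflake id>/<token>. Token charset is URL-safe
# base64-like; the length bounds are deliberately loose so variant tokens still match.
WEBHOOK_RE = re.compile(
    r"https?://(?:[a-z]+\.)?discord(?:app)?\.com/api/webhooks/(\d{17,20})/([A-Za-z0-9_\-]{40,120})"
)


def snowflake_to_utc(snowflake: int) -> datetime:
    """Creation time encoded in a Discord snowflake (bits 22+ are ms since DISCORD_EPOCH_MS)."""
    ms = (snowflake >> 22) + DISCORD_EPOCH_MS
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)


def extract_discord_webhooks(blob: bytes) -> list:
    """Find Discord webhook C2 URLs in raw bytes, whether stored as ASCII or UTF-16LE."""
    views = [("ascii", blob.decode("latin-1"))]
    # UTF-16LE strings may start at an odd file offset, so try both byte alignments;
    # the wrong alignment decodes to CJK-looking garbage that never matches the regex.
    for shift in (0, 1):
        views.append(("utf-16le", blob[shift:].decode("utf-16-le", errors="ignore")))
    hits, seen = [], set()
    for encoding, text in views:
        for m in WEBHOOK_RE.finditer(text):
            wid, token = int(m.group(1)), m.group(2)
            if wid in seen:  # same webhook found via another view/alignment
                continue
            seen.add(wid)
            hits.append({
                "url": m.group(0),
                "webhook_id": wid,
                "token": token,
                "encoding": encoding,
                "created_utc": snowflake_to_utc(wid).isoformat(),
            })
    return hits


# Constructed sample (not Gui.exe): a webhook stored UTF-16LE at an even offset, surrounded by junk.
SAMPLE_ID = (271814400000 << 22) | 7          # upper bits encode 2023-08-13T00:00:00Z
SAMPLE_TOKEN = "A" * 68                       # placeholder, not a real credential
SAMPLE_BLOB = (
    b"\x00" * 16
    + f"https://discord.com/api/webhooks/{SAMPLE_ID}/{SAMPLE_TOKEN}".encode("utf-16-le")
    + b"\x00\x00MZ garbage"
)

if __name__ == "__main__":
    for hit in extract_discord_webhooks(SAMPLE_BLOB):
        print(hit["encoding"], hit["webhook_id"], hit["created_utc"])
```

The creation timestamp is worth recording alongside the hash: it tells you when the operator set up this exfil channel, which often predates the sample's compile time. On the network side the IoC is a POST to discord.com/api/webhooks/ from a process that is not a browser or the Discord client; blocking discord.com wholesale is rarely acceptable, so alert on the path and the originating image instead.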

Signatures

  • Mercurialgrabber family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature: the PE carries no certificate table, so there is no publisher identity to verify.
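The "Unsigned PE" check comes down to one PE header field: the security data directory (slot 4 of the optional header's data directories) points at the Authenticode certificate table, and an unsigned file has it zeroed. The following is an added example (not the sandbox's own signature logic) that reads that field directly from the bytes, with a constructed PE32 header to exercise it rather than Gui.exe itself. A non-zero entry only proves a PKCS#7 blob is present; validating the chain still needs WinVerifyTrust or osslsigncode.

```python
import struct
import sys

IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory slot holding the Authenticode certificate table


def certificate_table(pe: bytes):
    """Return (file_offset, size) of the certificate table, (0, 0) if absent, None if not a PE.

    Unlike the other directories, the security entry holds a raw file offset, not an RVA.
    """
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        return None
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 4 + 20  # skip the PE signature and the 20-byte COFF header
    if opt + 2 > len(pe):
        return None
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x10B:      # PE32 (this sample is x86)
        dirs = opt + 96
    elif magic == 0x20B:    # PE32+
        dirs = opt + 112
    else:
        return None
    count = struct.unpack_from("<I", pe, dirs - 4)[0]  # NumberOfRvaAndSizes precedes the table
    if count <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return (0, 0)
    entry = dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > len(pe):
        return None
    return struct.unpack_from("<II", pe, entry)


def signature_status(pe: bytes) -> str:
    """'not-pe', 'unsigned' (what the sandbox flags), 'present' (a certificate blob exists;
    validity still has to be checked separately) or 'truncated' (table points past EOF,
    a common sign of a stripped or tampered signature)."""
    table = certificate_table(pe)
    if table is None:
        return "not-pe"
    off, size = table
    if off == 0 and size == 0:
        return "unsigned"
    if off + size > len(pe):
        return "truncated"
    return "present"


def build_pe32_header(sec_off: int = 0, sec_size: int = 0, trailer: bytes = b"") -> bytes:
    """Constructed minimal PE32 header for testing (not loadable, not Gui.exe)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE header right after the DOS header
    # COFF: Machine=i386, 0 sections, 224-byte optional header, EXECUTABLE|32BIT
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<I", opt, 92, 16)      # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, sec_off, sec_size)
    return bytes(dos) + coff + bytes(opt) + trailer


# The constructed header is 0x40 + 24 + 224 = 312 bytes, so a trailer starts at offset 312.
HEADER_LEN = 312
# WIN_CERTIFICATE header only: dwLength=8, wRevision=0x0200, wCertificateType=PKCS_SIGNED_DATA.
FAKE_CERT_HEADER = bytes.fromhex("0800000000020200")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as f:
            print(sys.argv[1], signature_status(f.read()))
    else:
        print("constructed unsigned header:", signature_status(build_pe32_header()))
```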

Files

  • Gui.exe
    .exe windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744
