General

  • Target

    14-11-2023_VUBSUFEkriWDh1D.rar

  • Size

    11.6MB

  • MD5

    4be2e7f28c6fd64cee77c73f46359548

  • SHA1

    327a78d1f0b87418d612c656592b7d5b57d260d3

  • SHA256

    ba21c2f23d365ac2809dac09e2b41c2b345d17bef526ad6623b6920ea28dc61b

  • SHA512

    243bdf001ec81fcfb23c22806be8e12cf273053aeb62a10c2051f3c2943c8e35d687bca1d0e5f0a2335a96666d928ed6c3cf1e0063b70d9e4f7a6bb9c0ff9191

  • SSDEEP

    196608:L1ePaxxQJH2eFEdbHBhg2Xkb/8tz6GSh41KTx6G981T2JV15sjl+oBnlTyZW+mrn:LgPmeN6AjE6GSCKNL15gllnMPoEfENAq

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/887304484844339250/sTQt9knbeiUf2bJPMZ4uxOEZ2mFmxtbw1S3JZvhKpMU-hSQtSzNllJidmjM8oJmI2wpt

Signatures

  • Mercurialgrabber family
  • Detects Pyinstaller 1 IoCs
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 14-11-2023_VUBSUFEkriWDh1D.rar
    .rar
  • AveryNuker-main/README.md
  • AveryNuker-main/RUN THIS.bat
  • AveryNuker-main/Scraped/avery.exe
    .exe windows:5 windows x64

    bb2292057634957dfa559b6eef7b52d8


  • avery.pyc
  • AveryNuker-main/Scraped/channels.txt
  • AveryNuker-main/Scraped/members.txt
  • AveryNuker-main/Scraped/roles.txt
  • AveryNuker-main/avery.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744


  • AveryNuker-main/avery.py