Extracted

• • Target

    czity.exe

  • Size

    41KB

  • MD5

    f9787bb996642a620760f0344fc31cd1

  • SHA1

    e6b2baf658c3cd15b2d31e589bd09d1a768ad74a

  • SHA256

    932448e541f2105f522ae63d97d739f735252d627582f31fcd4de6552f1dba88

  • SHA512

    bab3790c428e855f20e6eb61121caa1f523eec57f5e26ef236d8aefff556c02396e9217e06ae097df15474955383e60da0b083bb8eaeabaa4357bfdc1a923b79

  • SSDEEP

    768:hscaIiIEI/gB1wtpuZce/WTj+KZKfgm3Ehzb:ec1yYgB0e/WTKF7Exb

  Score

  10^/10

  mercurialgrabberspywarestealer

  • Mercurial Grabber Stealer

    Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.

    stealermercurialgrabber

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Legitimate hosting services abused for malware hosting/C2

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1