General
-
Target
thisistotallyanexternalandnotagrabber.exe
-
Size
41KB
-
MD5
a92b14abd6015ce47403388ab1a9fb9a
-
SHA1
1e7830c4c5edf89473eb4f5ec923b03fedbaa3b9
-
SHA256
909281cede68e81a55cbcc5d6cc536bbe8cedc034246a975a78172e04de51c39
-
SHA512
aa9bba8e96d1ac2541cb5ec32ee2deaf9e1904623b0eddb95eb9995f1fd50b08b3f0a62e7d0ad3369740e753bd3302e0c2a38bf23be61cb7b5bcb3072258e89d
-
SSDEEP
768:jscaIyImIXpC5QwxuZieCWTjRKZKfgm3EhB9:4c1IdbeCWT1F7En9
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1222329423873966182/DRznR59hHy0b0d8L7ISycdQ9ErUE8o5nTrmAOPhbaKWBrKrckdopR72WpGmxgfeuqdTH
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
thisistotallyanexternalandnotagrabber.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections