Extracted

• • Target

    KrampusCodeFixerV2.3.exe

  • Size

    45KB

  • MD5

    ac7f33c23569ae7e3ba963d6a5e55fd0

  • SHA1

    2d231e29c5b5964efa91c7d1c6364caea2fc20a3

  • SHA256

    b2a1e1a0dd89bcb9d7580e9bcf525309f5475ca79f4a616915f9c11c0603c3d8

  • SHA512

    af2ed21937313aa210284ceec3a6af05faa0cb5e6d8830bcd805af760d9a8302ac47f1337e4750de7549e58bc06c07aaec3521ca6cc3453811ed5c1f8384876a

  • SSDEEP

    768:u67M4FNqV16uH76TuZwL4JTjMKZKfgm3Eh5if:u67hq+a6PL4JT4F7Efi

  Score

  10^/10

  mercurialgrabberspywarestealer

  • Mercurial Grabber Stealer

    Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.

    stealermercurialgrabber

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Legitimate hosting services abused for malware hosting/C2

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1