mercurialgrabber | 8418f2f5fab62a103d696fe0665bb096a521364365a0388c896f49ba53c29007 | Triage

Sharing

General

Target

da2d9a09c56c55e6f2c99273e209e024_JaffaCakes118
Size

54KB
Sample

240405-v2nbfaaa2w
MD5

da2d9a09c56c55e6f2c99273e209e024
SHA1

7f55d960bafe73fa7b176d6b0630d15aa2d2348e
SHA256

8418f2f5fab62a103d696fe0665bb096a521364365a0388c896f49ba53c29007
SHA512

1dd644a15a4031eb1e6567ba57bc4f50b575099264bb815d5dc343d8a45113b2a206a71a7fa65e73512db8223d14c0637de0edb4a464fbfda9771e8f25807b71
SSDEEP

768:gyl6vxsw4WPuOKmKi6pFdGf0WBREhLp9rcn3Xvrxuf9tm9iaO:cH4CemNYUnE79qPluf9tm93

Score

10^/10

mercurialgrabber spyware stealer

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/895081835229499422/C-4p6FnV3BBEaxrHGblW5uYHAslOZ537qLkTyrUjFpLp6mKG29Z41veKjaEZ6m_o7XGT

Targets

- Target
  
  da2d9a09c56c55e6f2c99273e209e024_JaffaCakes118
- Size
  
  54KB
- MD5
  
  da2d9a09c56c55e6f2c99273e209e024
- SHA1
  
  7f55d960bafe73fa7b176d6b0630d15aa2d2348e
- SHA256
  
  8418f2f5fab62a103d696fe0665bb096a521364365a0388c896f49ba53c29007
- SHA512
  
  1dd644a15a4031eb1e6567ba57bc4f50b575099264bb815d5dc343d8a45113b2a206a71a7fa65e73512db8223d14c0637de0edb4a464fbfda9771e8f25807b71
- SSDEEP
  
  768:gyl6vxsw4WPuOKmKi6pFdGf0WBREhLp9rcn3Xvrxuf9tm9iaO:cH4CemNYUnE79qPluf9tm93
Score

10^/10

mercurialgrabber spyware stealer
- Mercurial Grabber Stealer
  Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.
  stealer mercurialgrabber
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

mercurialgrabber

behavioral1

mercurialgrabberspywarestealer

behavioral2

mercurialgrabberspywarestealer