General

  • Target

    f0f18bc9fde3a2850814c5aa8720a60a_JaffaCakes118

  • Size

    251KB

  • MD5

    f0f18bc9fde3a2850814c5aa8720a60a

  • SHA1

    6b4d7b0a834acac19d3e000baef33c189d6de6e2

  • SHA256

    cd054380dd8340a48b80bb707a53a526e74080ed7013731d2a695ae3216c654b

  • SHA512

    30ba79ffaa6d274689b4583bf32e12f9b171f7e2089b8c0003719ae8528c82e0b4f70df6f4de279fb7104188db22acde247cdbd38b703b9b296742e7b9123d5a

  • SSDEEP

    6144:NkrjBJ7NevL4zZDIKGV8z3kuVFML/c6P:NkRVNuktDRTI

Score
10/10

Malware Config

Extracted

  • Family

    mercurialgrabber

  • C2

    https://discord.com/api/webhooks/875481193993371748/t7IHV3pQMZ09Rf609CpkWo0Ily_70_5E-TqS9u3xSZQQIZ2gTRfd-tqcEG22P7BA_kbI

Signatures

  • Mercurialgrabber family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f0f18bc9fde3a2850814c5aa8720a60a_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

