General
-
Target
Discord volume up.exe
-
Size
44KB
-
MD5
caf2bee2bab72cba44e7a48ce122a802
-
SHA1
609a5c723e50f499f05169768fa6a6a595e0e9f5
-
SHA256
8407cdff15fb5f5fda9319233ed36514319cb9f0beca3ccd070dfeeae941e75f
-
SHA512
7ecd09fd23e319c1c88accde2263012b72ac59b8a57c54a14d68de0d9590487c23ba03c648107a0e536caa3ca4badfb6083a7923f17571a59985977f4efc2750
-
SSDEEP
768:xmL9j0QY8YwFZomMvuZKLCkTjhNKZKfgm3Eh+BlN96:QLbLY2R6LCkT7F7EAHN96
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1232345926203609129/boj6_wrTqBY1eXKl-xhVfTv2GmMDL3mi4GSx8zi2Aw9sBBtbDDaBWq3UFN2rItebxxjd
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Discord volume up.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections