General
Target: Minecraft Realistic Shades Pack.exe
Size: 44KB
MD5: 362b364d57781b6af61ddf4972435997
SHA1: 2f5a00603ea850c8a88d92ee034418c4e7314883
SHA256: 50d4d5c8a6b9fcd233e5aca2c59059d5b7633c80e58ba861d8152a153a148cfe
SHA512: 76fcaacbfc9277d22d9e9f9dff6b85ea0f62909ac7bd4dcb954afb2add2cc486a7f29bd101248eef8dfeb4d01beaba8192a77b71ce438d56475a2935d32571aa
SSDEEP: 768:9mDdN/fLgOukGuZ/LABTjtKZKfgm3Eh0WoE:9mfzbrXLABTpF7EyWo
Malware Config
Extracted
mercurialgrabber
https://discord.com/api/webhooks/1233395385381163029/bXoPS24yb2gh1irnWpsJMeqnojon0l-lF59jmnwJ9_5Z523t93WbIlgepEqZGMU63aZu
Signatures
Mercurialgrabber family
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource Minecraft Realistic Shades Pack.exe
Files
Minecraft Realistic Shades Pack.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ