General
-
Target
https://github.com/NightfallGT/Mercurial-Grabber/releases/tag/v1.0
-
Sample
240512-x1p5rafb59
Score
7/10
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
https://github.com/NightfallGT/Mercurial-Grabber/releases/tag/v1.0
Resource
win11-20240508-en
windows11-21h2-x64
17 signatures
300 seconds
Malware Config
Targets
-
-
Target
https://github.com/NightfallGT/Mercurial-Grabber/releases/tag/v1.0
Score7/10-
Executes dropped EXE
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-