General
-
Target
SIGMA.exe
-
Size
41KB
-
MD5
120be0ffd52d92cc54c3b54bba6e1c22
-
SHA1
f45ca3ef36a0d92a81032b49b614a14ac75bbafe
-
SHA256
8861fd9a6122e811cd14c254db4c640349ae1828eb3f83fbfc6913a5a03f7521
-
SHA512
cabc854828d8c30bf79bbf72e738179249e04515fbc99a48492310c1574628ed97b13232043cc6e429b0d0bbd3e9d0389b6a1b9d69f9957e636f3dbfefb6ecec
-
SSDEEP
768:6scWcQTx/gB1wtduZ0eEWTjZKZKfgm3Ehp7:ZcOVgBEeEWT1F7Er7
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discordapp.com/api/webhooks/1257501543238996110/011cWPmmh2h6aiJF4LoSMNcZu5MnfVTFHxiIMzRA2XTsgEZKx_7ZykxSo1PhMZVb502B
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
SIGMA.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections