General
-
Target
1689dffc1e73cdeb1d9a4e671412816e.bin
-
Size
18KB
-
MD5
ac1dd3e4aaac72b0262e0cb3e81fc130
-
SHA1
e8948cbafd0dd1e22347227d34703886c08ab51b
-
SHA256
36697dcacb24afaca501edc09d9ca2ce161abb9abf0b0c527b374125f2151580
-
SHA512
6cc2a6ac518386cba02679ae0b15995ae9801cabf7fc3e22d3712baa13217558066ae7084ecc8cf69fa99cb0abc602fae335b6923ec56f21dd2f119d6c5c78cb
-
SSDEEP
384:pCqZXqOwg0qoIbJtoASadLQRdDJgI8BilsZn4VJQ:pBdmqRoAzdaBJgzZ40
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/977976769548255272/WjivQonZRXcZP2_JHbnYGt-N9ZAhJY4ZvmzB8VRuMXHWezW7Oe1HFRaEtPt_IzCPISA6
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
1689dffc1e73cdeb1d9a4e671412816e.bin
Password: infected
-
17de798cb189cb705b5fb50f420827ba90f18e34831dd8b84be013d5d339b01a.exe
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections