mercurialgrabber | hxxps://github[.]com/Joe36311/Mercurial-Grabber | Triage

Submit
Reports

Overview

overview

Static

static

1

URLScan

urlscan

https://github.com/J...

windows10-1703-x64

Sharing

General

Target

https://github.com/Joe36311/Mercurial-Grabber
Sample

240710-h4tvsatenk

Score

10^/10

mercurialgrabber evasion stealer

Static task

static1

URLScan task

urlscan1

Behavioral task

behavioral1

Sample

https://github.com/Joe36311/Mercurial-Grabber

Resource

win10-20240611-en

mercurialgrabber evasion stealer

windows10-1703-x64

17 signatures

120 seconds

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/898068237718261761/KniB9I7FAGbgiwGV6ub2_uE7GuQWTm94T_kcHonylqs73StuEGI3OqzKwT56iONTU2oh

Targets

- Target
  
  https://github.com/Joe36311/Mercurial-Grabber
Score

10^/10

mercurialgrabber evasion stealer
- Mercurial Grabber Stealer
  Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.
  stealer mercurialgrabber
- Looks for VirtualBox Guest Additions in registry
  evasion
- Looks for VMWare Tools registry key
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Legitimate hosting services abused for malware hosting/C2
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

urlscan1

behavioral1

mercurialgrabberevasionstealer

© 2018-2025

Terms | Privacy