General
-
Target
sbHBAhjbsa.exe
-
Size
41KB
-
MD5
afbb43b44b95fecee1d017414031254b
-
SHA1
d9546073e6a5da4b684ce8e86cef8bfb2354f18a
-
SHA256
d09bafb8d1a2c81142d5ebc9d259810e731a645774f6a0967dfcc18e32ca7dd6
-
SHA512
9e7453b66c83cafc9f0c0fc46cd17568a80e84793f7c6f28d21c8236ca16cd549ff8f1383e1b20dccbce26dd4f48a60ac3a43187f0c452412e1aee232a1bbdc2
-
SSDEEP
768:7scWsQj++y0WybOVioqwluZFenWTjMKZKfgm3EhRA:gcB+6GenWTwF7ErA
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discordapp.com/api/webhooks/1265115897622822922/sKHSkvAozNOKztWBy15s30wzxno1ChZP19kVme6i0-pZiewoQf_88CDgmR0iIigJbbL4
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
sbHBAhjbsa.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections