General
-
Target
GFX locator by 89_39.exe
-
Size
41KB
-
MD5
50448b99a6ab09d371ba1bb9f348bbb2
-
SHA1
cdfa4b634d498af21946404397b9166c395d273e
-
SHA256
44398ef8657a9fbb73eb1bfe7b3657241d0497318dcafabdd86669ee5dc32dc6
-
SHA512
4fe0e40ba1396d8e238d5fef255fab22d88a1aaab005ca71cceaa55bfb2f061ea1997e2c0f3e82be3ca3a4bd65fae26edcd9dc4914d72f6d7aed4bcda2a12bd2
-
SSDEEP
768:oscaIyIbubDIA3ruQw3uZleuWTj6KZKfgm3EhR/:vc1Zub3ueeuWTOF7Ez/
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1275113676453580880/9MyUKYUCniUZuZMT3Ww37_BxIGyZdN9irR0Ljml5MW18Tz7TxMIpOI_aDCPDu_qayZOt
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
GFX locator by 89_39.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections