General
-
Target
Gfx Helper for Pozing.exe
-
Size
42KB
-
MD5
6a37d401c3a49faa8bd4da9c5999ba6c
-
SHA1
4054ee88d85ea8079ffbb426cbe1cb7444563d98
-
SHA256
93d46b85e02f0925271d54523467a26690e84528a8a0d9d0c308076ef002268f
-
SHA512
de7e013835f14a567c9e5f52908c0800ad7dbcb19a7ad1d3c1161b39aaf0ddcfb1f5172802507917ceadfc9a9591e9cfff609514ff2141d33cbb3a2d56694d7d
-
SSDEEP
768:FBRU9NNh2NnehX0W1euZsL3NTjS+KZKfgm3Eht5:Dgh2VQz1ML3NTlF7E35
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1275125611156869122/f0BoD3zoxk5i-AD7hw3rQInaeKMtN3t0ACDklfxlAc7ukHPkQLo4LMaeHY6PD1L6_8hh
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Gfx Helper for Pozing.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections