General
-
Target
mercurialll.exe
-
Size
42KB
-
MD5
c5b0524db04000a869b5d72c8d853055
-
SHA1
e49365c097c38c0c76ab45b7fcc9816c562d93ea
-
SHA256
42b41379ffd81e77b83fdd6fbef9b3867206e6a2a1b81bb5543fddcf4b60d1c3
-
SHA512
296ba85d8da2bf72da3394004278e738024118de78c0b9177cf45987d6d4348900d4405f7e6829b434be78d0e19d0128fe55fde7a0352e3f459090857f557186
-
SSDEEP
768:TUOmPE4lMmkpb9mpKuZPL9HqTjUKZKfgm3EhPB:7AibIpbL9HqTgF7EVB
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1279217204323156153/PfnFxjSTBGvOFUR_eBCUTW-98gwm5YlZ7kySbZHvpfCiTR6h5wK9dsiLKp3e86ugBnX0
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
mercurialll.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections