General
-
Target
409eed418408597f0a962a72084954fc.zip
-
Size
203KB
-
MD5
bed2949ce369a8fc5aa9a93e3ba3fafa
-
SHA1
7140c9f50815d02b1da7b630bc9d2383af6f76fc
-
SHA256
c1feedddcded1ca54e0ba77d2bb9d31ac61e307e0bf9b04590463e44f8f4b5eb
-
SHA512
6ef07fdefa4b0a8728ef951216329d1977e5f33402169e94f290dc9a2a06857506d5c9283a30ddfbd1d27fdca41d6187a3df63e237d456319e5a0c951a14c52d
-
SSDEEP
6144:hK2L6eRSksipP//Wve/6eWuiuORQA/hbYT:hKCRlscvr/6juOrZ6
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/899039214799302707/qsWKqfMDHZvpjKdUaLOScVIgdq1amrTWt3H7cYjN7JYAUUvivw72drT90nFEQohSqE7a
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
409eed418408597f0a962a72084954fc.zip
Password: infected
-
1b8fb7ba5b8df9b78b495cd8bf6dcfa9f2c2788ca14db5f0a8c6f764477e8651
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections