General
-
Target
my paid gen.exe
-
Size
41KB
-
MD5
e25cb77a854e2a17d51e1963a5c2c847
-
SHA1
66a27f141c8740d31cb5f3f2163f28878753aabb
-
SHA256
2b8bbcdbca96ddfa4cab9c002b573a61ca5b76bb82f2291c5697d2373f597350
-
SHA512
ca43b4a7c4729f0d9e5eddad15695b1a36e31b4dbdd5e5bf4b35aa982fea410565e37843cd324f82694670fbd3c8b6b57bf25502910a18e5fb8517117eb9ee87
-
SSDEEP
768:VscaIiIqEemmCAiGz3whuZre5WTjgKZKfgm3EhWM:Cc1OBDvbe5WTUF7E8M
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1279557394677895311/Sw4EvWiW4SbcOzSCej18SukPQF-M_rfa5znh9fESXm95kIknSnlBrm_lJ_g-PFSoTKMc
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
my paid gen.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections