General
-
Target
denpa.exe
-
Size
108KB
-
MD5
69b405e4d18d084a1e7a25600b9cbc16
-
SHA1
8139bb13af87d68f39a28c79ae6ed642960b9a85
-
SHA256
a7968cdc93342d68aec8cd202bdfca0533e084de71cdab5cb4831d0e60e3754a
-
SHA512
4701a1c17271e2513fbbbd08e6e9c17bd5fd28056eaa6239ca455a6cbefe4c2d46a503998b5b102d9c8c80205328287fc4c3549b53f4153a401bfc7086bea082
-
SSDEEP
768:Gkn3gimo5E9E//4MXuZDLaSTjyKZKfgm3Eh9v/a:Gkn36GEIDYLaSTGF7ETv/a
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1287063145159983124/AWTzhiH-kmIMh53lB0wafAJMj7zaL0MCPGqZzXaVpBKVg6_L2RHJw1_YZI2Qk4DLPoK5
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
denpa.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections