General
-
Target
Urm.exe
-
Size
41KB
-
Sample
240922-lhbzmasenj
-
MD5
83f52e0aebc4f6f8bafbfa855e826dcc
-
SHA1
37b64811517ee85fc8d3f64f67ddd1ee7372f811
-
SHA256
99c7c262aa5b81a8694ae3e6449972f84edc48165f17e59e7d56bd6b2c9875e6
-
SHA512
00dbdee6de08cae2e96ec758a6ac9075a52ce4c8f8149dfdd8afb2963835ebac883747fcadcd6f77c4737cfa827bfddf1de87dbbeca738d0f7c24476f1297d6e
-
SSDEEP
768:rN8C37hX/XSNluZVLrpTjeKZKfgm3Ehq3:6LyLrpTqF7E43
Behavioral task
behavioral1
Sample
Urm.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
Urm.exe
-
Size
41KB
-
MD5
83f52e0aebc4f6f8bafbfa855e826dcc
-
SHA1
37b64811517ee85fc8d3f64f67ddd1ee7372f811
-
SHA256
99c7c262aa5b81a8694ae3e6449972f84edc48165f17e59e7d56bd6b2c9875e6
-
SHA512
00dbdee6de08cae2e96ec758a6ac9075a52ce4c8f8149dfdd8afb2963835ebac883747fcadcd6f77c4737cfa827bfddf1de87dbbeca738d0f7c24476f1297d6e
-
SSDEEP
768:rN8C37hX/XSNluZVLrpTjeKZKfgm3Ehq3:6LyLrpTqF7E43
Score10/10-
Mercurial Grabber Stealer
Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-