General

  • Target: Zen Executor.exe
  • Size: 42KB
  • MD5: 4941354088ef6c284f18c8462ee6aa44
  • SHA1: 51b7ce9566d3eb4ae9ed76ff82b05d8348239bd6
  • SHA256: 9ca293a20e15b3aff9cd3fa27cda84c69b92f726d38986f7f9bdb2930294e13c
  • SHA512: fb526a6a9fcfd093679ccd7c66c3c44d738300cdc3926f66d6c192b91083d2394214bcea7fd961d0d15cf150c141d60c0dbcb7e224ca4d2262fd690eb9df8a63
  • SSDEEP: 768:LqevvLvnDylOcwuZjL2+Tj4GKZKfgm3Eh2I:GajnD9cZL2+TLF7EYI

Score
10/10

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/1299872808737968129/5cyItPW9cpmOhcgsl6lUhFKO4BbU_6Rb9zaRpiYUPMDRm0y8k2Ke5x6Jcv4BgyeXpuYl

Signatures

  • Mercurialgrabber family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Zen Executor.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744