General

  • Target

    sex.exe

  • Size

    41KB

  • Sample

    241116-bn16lazrfq

  • MD5

    dca440cb77eeabd180321795d511bc27

  • SHA1

    47114030cca9b7a87af67563c6adeb1cf3027d56

  • SHA256

    b52046bcf09b6996ddb61204d36de67ea0c9b7f25ccde4415a0f0fa2afb3c134

  • SHA512

    31f79968e769abd3e59db805b8364a1f3dbe0d6d8f3073769b91ddceb48311e26ca92537f6801ef74b7f36b3432065cee4a5731df26e1e2fa77d2633f43bb553

  • SSDEEP

    768:qO+85OKI0g/1NfuZTLeITjzKZKfgm3Ehk6:jUKLeITvF7ES6

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/1299876780768755785/wmHYoVqwhxr9ehehEcQjNJFMWBvivbpl5_s6oQXGd22T4WS08YH2jX36Ah1D4iXWz4G0

Targets

    • Target

      sex.exe

    • Size

      41KB

    • MD5

      dca440cb77eeabd180321795d511bc27

    • SHA1

      47114030cca9b7a87af67563c6adeb1cf3027d56

    • SHA256

      b52046bcf09b6996ddb61204d36de67ea0c9b7f25ccde4415a0f0fa2afb3c134

    • SHA512

      31f79968e769abd3e59db805b8364a1f3dbe0d6d8f3073769b91ddceb48311e26ca92537f6801ef74b7f36b3432065cee4a5731df26e1e2fa77d2633f43bb553

    • SSDEEP

      768:qO+85OKI0g/1NfuZTLeITjzKZKfgm3Ehk6:jUKLeITvF7ES6

    • Mercurial Grabber Stealer

      Mercurial Grabber is an open-source stealer that targets Chrome, Discord and some game clients, and also collects generic system information.

    • Mercurialgrabber family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile contents.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks