mercurialgrabber | Mercurial[.]Grabber[.]v1[.]03[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

Mercurial.Grabber.v1.03.rar
Size

94KB
MD5

0ec5027161e49223bfbfe40321592511
SHA1

1ba9f950d283058f0b41b0ece5f3becff811fd9c
SHA256

371edb664c31555dac5e695b0f7286115dd94b380c188948bde2f167f030a7d3
SHA512

809b69857661727a2f26cb4c0921e29e012ebbc998b3fe7cc1b6b24d973b51b15cdcb512f38cf37ae220ff346ced85056fedac786db36707c59fea952953133e
SSDEEP

1536:fKsbf1SvOpAtcQZrlImqPqEvSGkbJ4pBJXK/YnNnJbbeygbZuJi:ysjIvJcQZDaqjbuPJXK/cJbbyIi

Score

10^/10

mercurialgrabber

Malware Config

Extracted

Family

mercurialgrabber

https://ptb.discord.com/api/webhooks/895223301373300776/4LFPS81olSXc9Stl05N1nV_de5bp6BZLZwfYl5WydodJ9w8AtEOpBRJrAJDKDvxbtGHz

Signatures

Mercurialgrabber family
mercurialgrabber

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/Mercurial Grabber.v1.03/Mercurial.exe

Files

Mercurial.Grabber.v1.03.rar
.rar
Mercurial Grabber.v1.03/Mercurial.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mercurial Grabber.v1.03/Mercurial/App.config
Mercurial Grabber.v1.03/Mercurial/FodyWeavers.xml
Mercurial Grabber.v1.03/Mercurial/Form1.Designer.cs
Mercurial Grabber.v1.03/Mercurial/Form1.cs
.js
Mercurial Grabber.v1.03/Mercurial/Form1.resx
.vbs
Mercurial Grabber.v1.03/Mercurial/Mercurial.csproj
Mercurial Grabber.v1.03/Mercurial/Program.cs
Mercurial Grabber.v1.03/Mercurial/Properties/AssemblyInfo.cs
Mercurial Grabber.v1.03/Mercurial/Properties/Resources.Designer.cs
.vbs
Mercurial Grabber.v1.03/Mercurial/Properties/Resources.resx
.vbs
Mercurial Grabber.v1.03/Mercurial/Properties/Settings.Designer.cs
Mercurial Grabber.v1.03/Mercurial/Properties/Settings.settings
Mercurial Grabber.v1.03/Mercurial/Properties/licenses.licx
Mercurial Grabber.v1.03/Mercurial/Resources/AesGcm.cs
.js
Mercurial Grabber.v1.03/Mercurial/Resources/Browser.cs
.js
Mercurial Grabber.v1.03/Mercurial/Resources/Common.cs
.js
Mercurial Grabber.v1.03/Mercurial/Resources/Grabber.cs
.js
Mercurial Grabber.v1.03/Mercurial/Resources/Machine.cs
.js
Mercurial Grabber.v1.03/Mercurial/Resources/Program.cs
.js
Mercurial Grabber.v1.03/Mercurial/Resources/SQLite.cs
Mercurial Grabber.v1.03/Mercurial/Resources/User.cs
Mercurial Grabber.v1.03/Mercurial/Resources/Webhook.cs
.js
Mercurial Grabber.v1.03/Mercurial/Testing.cs
Mercurial Grabber.v1.03/Mercurial/logo.ico
Mercurial Grabber.v1.03/Mercurial/packages.config

Sharing

General

Malware Config

Extracted

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 39KB - Virtual size: 38KB

.rsrc Size: 106KB - Virtual size: 105KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 39KB - Virtual size: 38KB

.rsrc
Size: 106KB - Virtual size: 105KB

.reloc
Size: 512B - Virtual size: 12B