General
-
Target
Mercurial.exe
-
Size
146KB
-
MD5
0bf1054dd4f0ad45f4d5426996dc65bf
-
SHA1
64b5fa861128640392dd69a8d224bb467ef68545
-
SHA256
56550fecb5b916eac9280f2e20b0a6ea06041e18f88fb39531df029080bdbc7b
-
SHA512
d6145e94762ff963ec83f716166c63f8d0e692f3f02ae94732b142c5b177826608906933b1490b0558a381702c7c4eb9877b27583f9cd3e5d294a2df0e66e62e
-
SSDEEP
768:vscWcQ20/ave0QSwJuZheVWTj9KZKfgm3Eh2x2egFH4MkaL5PEs:Ec9eVWTBF7E8xUH4QL5cs
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://ptb.discord.com/api/webhooks/895223301373300776/4LFPS81olSXc9Stl05N1nV_de5bp6BZLZwfYl5WydodJ9w8AtEOpBRJrAJDKDvxbtGHz
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Mercurial.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections