General
-
Target
JaffaCakes118_5ff7082170d06e0244014d993a3a26f8dafbb00e
-
Size
17KB
-
MD5
4aa2a0741f77030ca6e522b3d2a77dfa
-
SHA1
5ff7082170d06e0244014d993a3a26f8dafbb00e
-
SHA256
e07c09f57f06d41f1aa2a761a587e0a26bcde307422495ed075a82c5257086d6
-
SHA512
5bde3ba9bd7b79cdba2450f1b48aa3991d86fcd672f8f03e1216eccdb703c62403465c1af47579bab86fc6ffec8790c8b910c6c41563b62a7bfcd4914150ef23
-
SSDEEP
384:w/8oj/JkvrTx3TDODwx2pUMkSZfUxZqeFpym9sBbDsetSuhScqDCR2ll:FKmNDNMkGcxZRF93QhScqc2ll
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/861182160127918150/IeKGPUb8uRkJyZG3-A_U2CxLcPPUzrC0ck9yhlV2_vvu5pqPvyVmoHbHH0moBP3VhtWY
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
JaffaCakes118_5ff7082170d06e0244014d993a3a26f8dafbb00e
Password: infected
-
Blueness.rar
-
Blueness.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections