General
-
Target
Boostrapper.exe
-
Size
42KB
-
MD5
9971c94257cdafd71d672fccd82c9250
-
SHA1
448d3a0ab283023990c817c574aae61416fda823
-
SHA256
c9fca0f6efecacb6dd81bb0a65989d770cd467369159c9daf08ff59bdc1e051b
-
SHA512
1827b5934655f9457a94bdc6f187190e3953c1b0afb2f644bafcfc9ca4b6625057b7f81569a9f5974da88ec170f7e99eac182715059772752d78c66a252b66fa
-
SSDEEP
768:ZPSm4lMmcgmpxuZsLRqTjAKZKfgm3Eh1A:5AWpvLRqT0F7E/A
Score
10/10
Malware Config
Extracted
Family
mercurialgrabber
C2
https://discord.com/api/webhooks/1324237031412600885/jXaIg4ATTpSFG8ZigAQLqZW3xZHhnYwtWWXOJOJ8ax3avDT0yUes6EI7UXDkcRKIQn7r
Signatures
-
Mercurialgrabber family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
Boostrapper.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections