mercurialgrabber | f5d2f27645697270a66c845540017b05e3ec125c4d54ab3ba0f9f0487903657b | Triage

Sharing

General

Target

JaffaCakes118_25478cb8612a3ae3e156805b33ecc624
Size

614KB
Sample

250106-qbcpsszjcj
MD5

25478cb8612a3ae3e156805b33ecc624
SHA1

8f2eb0b0664a3e808fc6efa3ff336a95ce2ddb1d
SHA256

f5d2f27645697270a66c845540017b05e3ec125c4d54ab3ba0f9f0487903657b
SHA512

5567ceb0e4ce6cb67fd1b1a21de1938060ec658a893887980071dfbc4c19c34ffb7ef1d95b58eb734ddb3e376cc5e02082a7431732291c96c0a3ebd322c08b37
SSDEEP

12288:SQ6KyVtP9jocOXj4i6c4yplkM943ctZkmz4Ag/+LJPPz:1yVtVEcOEi665z

Score

10^/10

mercurialgrabber discovery stealer

Malware Config

Targets

- Target
  
  JaffaCakes118_25478cb8612a3ae3e156805b33ecc624
- Size
  
  614KB
- MD5
  
  25478cb8612a3ae3e156805b33ecc624
- SHA1
  
  8f2eb0b0664a3e808fc6efa3ff336a95ce2ddb1d
- SHA256
  
  f5d2f27645697270a66c845540017b05e3ec125c4d54ab3ba0f9f0487903657b
- SHA512
  
  5567ceb0e4ce6cb67fd1b1a21de1938060ec658a893887980071dfbc4c19c34ffb7ef1d95b58eb734ddb3e376cc5e02082a7431732291c96c0a3ebd322c08b37
- SSDEEP
  
  12288:SQ6KyVtP9jocOXj4i6c4yplkM943ctZkmz4Ag/+LJPPz:1yVtVEcOEi665z
Score

10^/10

mercurialgrabber discovery stealer
- Mercurial Grabber Stealer
  Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.
  stealer mercurialgrabber
- Mercurialgrabber family
  mercurialgrabber
- Network Service Discovery
  Attempt to gather information on host's network.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

mercurialgrabberdiscoverystealer

behavioral2

mercurialgrabberdiscoverystealer