General
-
Target
skibdidildo.exe
-
Size
42KB
-
Sample
250503-ydj6nabn6v
-
MD5
9d2f7e5485fb707a88dd13b1c9d16a3a
-
SHA1
98b99895089ef6e4904acb137b2fb14aaccd2968
-
SHA256
012e3e46048fb53d1fcf4831c8842a52e3e78a1f3c54af7dfcfa2bb84928fa9d
-
SHA512
f42c84548a715bfba7d28268ba8125b7de813a02b709d74aabe2ba967447f9c301a0c43d9387103063dd94226171d28d10f1101bcd7ee156c1d14941414fc561
-
SSDEEP
768:opKLvWTylOUIuZbLjCTj3KZKfgm3Ehy5:pjWT9UVLjCTbF7Ec5
Behavioral task
behavioral1
Sample
skibdidildo.exe
Resource
win10v2004-20250502-en
Malware Config
Extracted
mercurialgrabber
https://discord.com/api/webhooks/1368309880108224713/3s2y6pzsmqMyrkXqMiOmaB-Hs7qwBUDOH-W_MQ9nKnCOBe-c7cRYAN2caCJdVBJggZli
Targets
-
-
Target
skibdidildo.exe
-
Size
42KB
-
MD5
9d2f7e5485fb707a88dd13b1c9d16a3a
-
SHA1
98b99895089ef6e4904acb137b2fb14aaccd2968
-
SHA256
012e3e46048fb53d1fcf4831c8842a52e3e78a1f3c54af7dfcfa2bb84928fa9d
-
SHA512
f42c84548a715bfba7d28268ba8125b7de813a02b709d74aabe2ba967447f9c301a0c43d9387103063dd94226171d28d10f1101bcd7ee156c1d14941414fc561
-
SSDEEP
768:opKLvWTylOUIuZbLjCTj3KZKfgm3Ehy5:pjWT9UVLjCTbF7Ec5
Score10/10-
Mercurial Grabber Stealer
Mercurial Grabber is an open source stealer targeting Chrome, Discord and some game clients as well as generic system information.
-
Mercurialgrabber family
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-