General

  • Target: stub.exe.bin
  • Size: 41KB
  • MD5: fe5b18fb8ffd1bafb3883bf5d3fb33db
  • SHA1: d0888345fd3aa400fc8b22cb4dcd30de55929263
  • SHA256: 3e6a1f26ea0c52f493b48f45556b77584e36d647b18499ac734e11394cfd6f71
  • SHA512: 284376f1662894bdc438cd5d8328be38e67836f0e9d8fb389cdfaf16abc622191413d83e39f17826f95241813eba6acc2561e3152474f87fff3acf55b91c73c9
  • SSDEEP: 768:+scGoA2e8jy5M/BgwZuZHesWTjgcXKZKfgm3EhUM:Nc9e8HMesWTsiF7EmM

Score: 10/10

Malware Config

Extracted

  • Family: mercurialgrabber
  • C2: https://discord.com/api/webhooks/860365364616364055/dWA-5PDcq6nC-drvVUSEcFKm1x7ZFbbUGmmbCWN8YHcHo6Fx_r0b9o2rP45QpRZwNO49

Signatures

  • Mercurialgrabber family
  • Unsigned PE (1 IoC): checks for missing Authenticode signature.

Files

  • stub.exe.bin
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744
