General

  • Target

    discordtokengrabber.exe

  • Size

    46KB

  • MD5

    e3b6f38baccba2f413aa4cfffc654bd6

  • SHA1

    6ad7f08babf061704626cb41072af3dcbfe79c63

  • SHA256

    fa260554c8c655b07cd603d2e67d24931b47eb3510c9cf2a06fd9888967cc61b

  • SHA512

    7258aa4164ae63058e32b3c690e5a8b7298c60562d3d20283722edfabe29faae73299b994b2c8d11b24a5971ac4e08f813d1766ab62281d19fb2331c901fec8c

  • SSDEEP

    768:wPdNh2NnehX0W1TuZZLHkmTjYKZKfgm3Eh+UT:Sh2VQz1gLHkmTMF7EcG

Score
10/10

Malware Config

Extracted

Family

mercurialgrabber

C2

https://discord.com/api/webhooks/1373958966652047380/SO87qbPbX0nMJLVLqKfnJ-RQTC20L4WMGFh4mT4HSsIT2_MBO4DQWdXa5-JwcEDdxSn4

Signatures

  • Mercurialgrabber family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • discordtokengrabber.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744

