General
Target: notalogger.exe
Size: 42KB
Sample: 250523-dlcfkagn8w
MD5: 501ee99a95e1319537955f4ba50fc8de
SHA1: 5651a0c337ac85df63d3cad08f4fc49f9dc95bbe
SHA256: c0348011be96049a21d008f5e49ac207ae8250706d386fb053f94801af31ce46
SHA512: c0ec144b7b7574f4168a5e8a70678cb9910d837d85a7c3b49eeb0e2149e4826646fd6df2b2c959a8357d4b9743b6c67f363ae6867cf8f4ff9f9289e15a1c899a
SSDEEP: 768:9IH3A3dL+Lv7pTylOEkuZzLgQTjOKZKfgm3EhoJ:qH6qjdT9EJLgQTaF7EyJ
Behavioral task: behavioral1
Sample: notalogger.exe
Resource: win10v2004-20250502-en
Malware Config
Extracted
mercurialgrabber
https://discord.com/api/webhooks/1375307462386909214/Bx5WZobqVUj7uOcOoxI7RT4f6kGOj1wwVuQcdvcc1kuubvyNEl0dgrhvwvpr7sviL9jP
Targets
Target: notalogger.exe
Score: 10/10
Mercurial Grabber Stealer
Mercurial Grabber is an open-source stealer targeting Chrome, Discord and some game clients as well as generic system information.

Mercurialgrabber family

Legitimate hosting services abused for malware hosting/C2

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.