Mercurial Grabber.exe May 2026

Mercurial Grabber.exe May 2026

Never download software from unofficial sources, especially those that ask you to disable your antivirus before running. Ransomware Roundup - DoDo and Proton | FortiGuard Labs

Primarily uses Discord Webhooks to exfiltrate stolen data directly to an attacker-controlled Discord channel. Key Capabilities Mercurial Grabber.exe

Collects machine info, including Windows product keys, IP addresses, hardware specs, and desktop screenshots. Never download software from unofficial sources

The stolen data is bundled and sent via an HTTP POST request to the attacker's Discord webhook. Risk Mitigation If you suspect an infection: including Windows product keys