Lunar_builder.exe Apr 2026

is identified as a malicious executable, frequently associated with spyware and information-stealing Trojans such as MercurialGrabber .

: Analysis reports show the process modifying Chrome extension folders, reading Outlook installation paths, and dropping new executables—all typical behaviors of a "grabber" tool . Recommended Actions Lunar_Builder.exe

If you have encountered this file, it is highly recommended to and to remove it from your system immediately. Key Risk Indicators Key Risk Indicators : If the file is

: If the file is on your computer, disconnect from the internet to prevent any stolen data from being uploaded to a remote server. : You can use a tool like the ANY

: It is designed to "grab" sensitive information, including Discord tokens, browser cookies, saved passwords, and login details for platforms like Roblox .

: If you have already executed the file, change your passwords immediately for your email, banking, and social accounts (especially Discord and gaming platforms), and enable Two-Factor Authentication (2FA) where possible.

: You can use a tool like the ANY.RUN interactive sandbox to view technical reports of its activity if you tokengrabber · GitHub Topics