The file is the compiled output of an open-source information stealer (infostealer) originally published on GitHub in 2021. While its creators claimed it was for "educational purposes," it has been widely adopted by threat actors to steal personal data from gamers and casual web users.
Attackers rarely name the file "Mercurial Grabber.exe" when sending it to victims. Instead, they disguise it as:
Some variants copy themselves to %APPDATA%\Local\Temp and add a registry key to ensure they run every time the computer reboots. Mercurial Grabber.exe
