Overview

overview

10

Static

static

mixazed_20...34.exe

windows7_x64

10

mixazed_20...34.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mixazed_20210731-070734

  • Size

    430KB

  • Sample

    210731-11taac5wdx

  • MD5

    a7e7c55d763359f4b590ea4eec10b800

  • SHA1

    c9c9c25f0f90048face442c607428cfbfdc3798b

  • SHA256

    7ea4937a54c4f1373be662d2a8c3bb4aa34faf25dff90318921bdc5a5853524c

  • SHA512

    71fedc8d1d8961c9e253876f66f434694fe7df200d391af577602a83046bc4698bb174cb93ecc78ef9bb4b75fa19cf15d35d21f4b349c29fd22008c4089bd08a

Score
10/10
shurkinfostealerspywarestealer

Malware Config

Targets

    • Target

      mixazed_20210731-070734

    • Size

      430KB

    • MD5

      a7e7c55d763359f4b590ea4eec10b800

    • SHA1

      c9c9c25f0f90048face442c607428cfbfdc3798b

    • SHA256

      7ea4937a54c4f1373be662d2a8c3bb4aa34faf25dff90318921bdc5a5853524c

    • SHA512

      71fedc8d1d8961c9e253876f66f434694fe7df200d391af577602a83046bc4698bb174cb93ecc78ef9bb4b75fa19cf15d35d21f4b349c29fd22008c4089bd08a

    Score
    10/10
    shurkinfostealerspywarestealer

    • Shurk

      Shurk is an infostealer, written in C++ which appeared in 2021.

      infostealershurk

    • Shurk Stealer Payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks