shurk | bb09b23c49593c6b6d2f8d83a7d4e5d430ebcf1f394d0bb6a6f7872f293a8394 | Triage

Submit
Reports

Overview

overview

Static

static

bb09b23c49...94.exe

windows7_x64

bb09b23c49...94.exe

windows10-2004_x64

Sharing

General

Target

bb09b23c49593c6b6d2f8d83a7d4e5d430ebcf1f394d0bb6a6f7872f293a8394
Size

731KB
Sample

220319-pm82pshggl
MD5

d18f7a8f7b293e333b46ec6f70eea26c
SHA1

9470145dafae7b558782d90ce6e06f9e97dba8bc
SHA256

bb09b23c49593c6b6d2f8d83a7d4e5d430ebcf1f394d0bb6a6f7872f293a8394
SHA512

f47d4ab9e0ea4f38d20829563f3203bfc0749351d9fd99fd0b61993ecb947621ce943211da39cdc6c78a9154fde6595dcf9119e2beda5b8d3daecf317e6ba078

Score

10^/10

shurk infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

bb09b23c49593c6b6d2f8d83a7d4e5d430ebcf1f394d0bb6a6f7872f293a8394.exe

Resource

win7-20220311-en

shurk infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

bb09b23c49593c6b6d2f8d83a7d4e5d430ebcf1f394d0bb6a6f7872f293a8394.exe

Resource

win10v2004-20220310-en

shurk infostealer spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  bb09b23c49593c6b6d2f8d83a7d4e5d430ebcf1f394d0bb6a6f7872f293a8394
- Size
  
  731KB
- MD5
  
  d18f7a8f7b293e333b46ec6f70eea26c
- SHA1
  
  9470145dafae7b558782d90ce6e06f9e97dba8bc
- SHA256
  
  bb09b23c49593c6b6d2f8d83a7d4e5d430ebcf1f394d0bb6a6f7872f293a8394
- SHA512
  
  f47d4ab9e0ea4f38d20829563f3203bfc0749351d9fd99fd0b61993ecb947621ce943211da39cdc6c78a9154fde6595dcf9119e2beda5b8d3daecf317e6ba078
Score

10^/10

shurk infostealer spyware stealer
- Shurk
  Shurk is an infostealer, written in C++ which appeared in 2021.
  infostealer shurk
- Shurk Stealer Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

shurkinfostealerspywarestealer

behavioral2

shurkinfostealerspywarestealer

© 2018-2024

Terms | Privacy