General

  • Target

    13624ffe8cd64d5c30602bf57f83245235e251ba2f92d81a7f7c2d1530c5a309

  • Size

    737KB

  • Sample

    220319-z7zc4saadm

  • MD5

    549ff20a80778cb9367e1bf98950ed2c

  • SHA1

    faf24d282d0fe762e9094d77f2c9823490dcc776

  • SHA256

    13624ffe8cd64d5c30602bf57f83245235e251ba2f92d81a7f7c2d1530c5a309

  • SHA512

    6e94a4b95b37ead2cac4dea2a23af5f11e02ae450fded489b5af720615e6c4699723105af20979c5c7cc4b11fab2c10717e668bfa09820681d6d77f0eb91f95b

Malware Config

Targets

    • Shurk

      Shurk is an infostealer written in C++ that first appeared in 2021.

    • Shurk Stealer Payload

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

MITRE ATT&CK Enterprise v6

Tasks