shurk | 794c23dd8f2c86e3fb263e9e3f615551ef3a1183e7dc99e9eeea3faee47453bf | Triage

Submit
Reports

Overview

overview

Static

static

794c23dd8f...bf.exe

windows7_x64

794c23dd8f...bf.exe

windows10-2004_x64

Sharing

General

Target

794c23dd8f2c86e3fb263e9e3f615551ef3a1183e7dc99e9eeea3faee47453bf
Size

731KB
Sample

220320-dmyp7affh4
MD5

b9e1489d3bf19c77c3460a06169adc61
SHA1

686257133c5e52b71a864646faeb6e4b21e651e3
SHA256

794c23dd8f2c86e3fb263e9e3f615551ef3a1183e7dc99e9eeea3faee47453bf
SHA512

de38d10d56a6ab283bd19008dbc35873ffc8d6651be07cb36706a519b5d200586e202a5e2e741ccbfcf8d5a56ba7baa596bc8776e57d31f142512f0f52baa6dc

Score

10^/10

shurk infostealer spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

794c23dd8f2c86e3fb263e9e3f615551ef3a1183e7dc99e9eeea3faee47453bf.exe

Resource

win7-20220311-en

shurk infostealer spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

794c23dd8f2c86e3fb263e9e3f615551ef3a1183e7dc99e9eeea3faee47453bf.exe

Resource

win10v2004-en-20220113

shurk infostealer spyware stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  794c23dd8f2c86e3fb263e9e3f615551ef3a1183e7dc99e9eeea3faee47453bf
- Size
  
  731KB
- MD5
  
  b9e1489d3bf19c77c3460a06169adc61
- SHA1
  
  686257133c5e52b71a864646faeb6e4b21e651e3
- SHA256
  
  794c23dd8f2c86e3fb263e9e3f615551ef3a1183e7dc99e9eeea3faee47453bf
- SHA512
  
  de38d10d56a6ab283bd19008dbc35873ffc8d6651be07cb36706a519b5d200586e202a5e2e741ccbfcf8d5a56ba7baa596bc8776e57d31f142512f0f52baa6dc
Score

10^/10

shurk infostealer spyware stealer
- Shurk
  Shurk is an infostealer, written in C++ which appeared in 2021.
  infostealer shurk
- Shurk Stealer Payload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

shurkinfostealerspywarestealer

behavioral2

shurkinfostealerspywarestealer

© 2018-2024

Terms | Privacy