General

  • Target

    90650bd59d65af3b3cc34b318b68dd9c.exe

  • Size

    434KB

  • Sample

    220406-t5dezacacn

  • MD5

    90650bd59d65af3b3cc34b318b68dd9c

  • SHA1

    a4042d9bb65c98c6476f03f4bca45b568c3f0317

  • SHA256

    cd197cd5e1dfc36ee9b6c148fdf19ae215faa6c3707045909c41b3ac8d28e673

  • SHA512

    98120dc5907acd56d6f0948df1b1061d75f99aef21ac7120f66f904c59974758d75643fe507de4c605918810dd40527401deeb4434c3fdccce63f87320c464d2

Malware Config

Targets

    • Shurk

      Shurk is an infostealer written in C++ that first appeared in 2021.

    • Shurk Stealer Payload

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, and similar data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks