Analysis
max time kernel: 187s
max time network: 193s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 27-04-2022 15:30
Static task: static1
Behavioral task: behavioral1
Sample: c64e6f105bc51acb9f3443826f97e08ba7fdd15dd508e0889c0c410e1c871c10.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: c64e6f105bc51acb9f3443826f97e08ba7fdd15dd508e0889c0c410e1c871c10.exe
Resource: win10v2004-20220414-en
General
Target: c64e6f105bc51acb9f3443826f97e08ba7fdd15dd508e0889c0c410e1c871c10.exe
Size: 503KB
MD5: 3ffdb48ee6c9f57ff5597d127c0b185c
SHA1: a0961e062397e2f8bf821e6bd7a391a6019e1772
SHA256: c64e6f105bc51acb9f3443826f97e08ba7fdd15dd508e0889c0c410e1c871c10
SHA512: 9d16dc7ca2e4432f5fbbbd88d21a3404a0912d05a907388e1fa39a4d4eb193995509b36db01326f45ccebfa06d4a490c0879504ea87691d3547d236aedfc04f0
Malware Config
Signatures
Shurk
Shurk is an infostealer written in C++ that appeared in 2021.
Reads user/profile data of web browsers (2 TTPs)
Infostealers often target stored browser data, which can include saved credentials etc.
Suspicious behavior: EnumeratesProcesses (2 IoCs)
pid   Process
3188  c64e6f105bc51acb9f3443826f97e08ba7fdd15dd508e0889c0c410e1c871c10.exe
3188  c64e6f105bc51acb9f3443826f97e08ba7fdd15dd508e0889c0c410e1c871c10.exe