General

  • Target

    7c588bad30254ad265fe472b453699875ff7345ece5f21e3b12135a3712daa3a

  • Size

    731KB

  • Sample

    220502-w339qafefj

  • MD5

    f7447783a2122d8716e204dcd863245f

  • SHA1

    0b8b6bc7caf1366700be7ff189563858869267a7

  • SHA256

    7c588bad30254ad265fe472b453699875ff7345ece5f21e3b12135a3712daa3a

  • SHA512

    4cf0ef5615c40bc9d41a41b46b7490a4b22e958990f9ebb4a11b4528ea4491192a65efd1cd23649402bcbe0b5d0e90e2a43c7045cd971c436f150e252e4ca453

Malware Config

Targets

    • Shurk

      Shurk is an infostealer, written in C++, that first appeared in 2021.

    • Shurk Stealer Payload

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v6