General

  • Target

    3354ead05f180c2431766d4736409e8b11a8db5515a847105a7b9817c0f0aac0

  • Size

    731KB

  • Sample

    220502-w9p1nsdca7

  • MD5

    3511986f2471c29eae35457fe4dbc33c

  • SHA1

    d6fe1966a12d94e3deba234c7bcd86a6c36f8e0d

  • SHA256

    3354ead05f180c2431766d4736409e8b11a8db5515a847105a7b9817c0f0aac0

  • SHA512

    1cd0d480ac6400d45fdcb1505145fc2547723fc26b9f9f0115fefff9b990b3b637ca2489facdd6d7422a4b299a215b9d0274512a780fb52f7e7f125bbd2e3996

Targets

    • Shurk

      Shurk is an infostealer written in C++ that first appeared in 2021.

    • Shurk Stealer Payload

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check on where the sample is allowed to run.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser profile data, which can include saved credentials, cookies and autofill entries.

MITRE ATT&CK Enterprise v6