General

  • Target

    tmp

  • Size

    77KB

  • Sample

    230406-qr3wxsfb6v

  • MD5

    10f57aeea7d69c1fd26302daea446d8d

  • SHA1

    a2c2b246233565b7deade7a4e27b9bf521cdb714

  • SHA256

    e890b9a76c6f9b47913ad5102fd668b556234c6be3488580577a03ed3f61b62c

  • SHA512

    a28fc863f62f48fa26810ae7c099b03fc85b0d2542b3491aa2b5afb54df1114f415636f0ff048d3a8e0d158ff6378403a60c1ad3e3270c49e06ffea85da2ccb4

  • SSDEEP

    768:oGJtwP79DfSNRjXkUs/2PC0UjobHXyZ3Bs9naW+9SLQ:9J+P7RKNRjXkUs/2KrUbHes9a3SLQ

Score
10/10

Malware Config

Extracted

Family

gurcu

C2

https://api.telegram.org/bot6125631937:AAHzA1e2kkAXSFSX6lSoyDACqaM80kXHnEw/sendMessage?chat_id=6155788902

Targets

    • Gurcu

      Gurcu stealer is malware written in C#.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks