shurk | afa50c786124859078e051ae7bb6477d5799782da50cfe6ea9233fb80e88c4dc | Triage

Submit
Reports

Overview

overview

Static

static

3

Launcher.exe

windows7-x64

Launcher.exe

windows10-1703-x64

Launcher.exe

windows10-2004-x64

Sharing

General

Target

Launcher.exe
Size

6.7MB
Sample

230713-hj3xysge91
MD5

334b9c941a4ea898d1ddba23b76073a7
SHA1

6fb79f20ddcd534e872273c958b375e0cc955718
SHA256

afa50c786124859078e051ae7bb6477d5799782da50cfe6ea9233fb80e88c4dc
SHA512

8be5dfbfe6a1522a20a9c5119d5935bd9569ec00861e8376583431bd9a9b84fafef59359cf0bfcd13b6af1d6bc6fe426bb9bb28e1e0490ab76d8c036edaa8e9b
SSDEEP

98304:iv9wyzNooScrRbKygP8oK8PuT0vK0boUz2sDwzKFpWS2r:i1woeoScrxKyKnKTT0vTbxzUzW2

Score

10^/10

shurk infostealer spyware stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Launcher.exe

Resource

win7-20230712-en

shurk infostealer spyware stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

Launcher.exe

Resource

win10-20230703-en

shurk infostealer spyware stealer upx

windows10-1703-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

Launcher.exe

Resource

win10v2004-20230703-en

shurk infostealer spyware stealer upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Launcher.exe
- Size
  
  6.7MB
- MD5
  
  334b9c941a4ea898d1ddba23b76073a7
- SHA1
  
  6fb79f20ddcd534e872273c958b375e0cc955718
- SHA256
  
  afa50c786124859078e051ae7bb6477d5799782da50cfe6ea9233fb80e88c4dc
- SHA512
  
  8be5dfbfe6a1522a20a9c5119d5935bd9569ec00861e8376583431bd9a9b84fafef59359cf0bfcd13b6af1d6bc6fe426bb9bb28e1e0490ab76d8c036edaa8e9b
- SSDEEP
  
  98304:iv9wyzNooScrRbKygP8oK8PuT0vK0boUz2sDwzKFpWS2r:i1woeoScrxKyKnKTT0vTbxzUzW2
Score

10^/10

shurk infostealer spyware stealer upx
- Shurk
  Shurk is an infostealer, written in C++ which appeared in 2021.
  infostealer shurk
- Shurk Stealer payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2 behavioral3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

shurkinfostealerspywarestealerupx

behavioral2

shurkinfostealerspywarestealerupx

behavioral3

shurkinfostealerspywarestealerupx

© 2018-2024

Terms | Privacy