Overview

overview

10

Static

static

3

f8.exe

windows7-x64

10

f8.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f8.exe

  • Size

    16.9MB

  • Sample

    230715-tdxdrsbd69

  • MD5

    a2003bd97dc1213350922c80f30c1993

  • SHA1

    4d69ba16bf5b456fd0f30bda7d4ca2f4acfc29d3

  • SHA256

    a2061e2151eab44f61c984475680cee2ae69325b4fa55aec57381f2390f97b44

  • SHA512

    73c6da611f124e6b31492ff9d25f6691d79d74596aeb7e877a6993d171b5b2715f536f3f965bbccc770472f02459e16f759f6ddb219a81410d1b86413aa871f1

  • SSDEEP

    393216:0TQvE3PLny7Xq+4E0ZLlW3rBAtTkuk8LyKa1y3:0uQby7X/dALUVAz4n1

Score
10/10
shurkinfostealerspywarestealer

Malware Config

Targets

    • Target

      f8.exe

    • Size

      16.9MB

    • MD5

      a2003bd97dc1213350922c80f30c1993

    • SHA1

      4d69ba16bf5b456fd0f30bda7d4ca2f4acfc29d3

    • SHA256

      a2061e2151eab44f61c984475680cee2ae69325b4fa55aec57381f2390f97b44

    • SHA512

      73c6da611f124e6b31492ff9d25f6691d79d74596aeb7e877a6993d171b5b2715f536f3f965bbccc770472f02459e16f759f6ddb219a81410d1b86413aa871f1

    • SSDEEP

      393216:0TQvE3PLny7Xq+4E0ZLlW3rBAtTkuk8LyKa1y3:0uQby7X/dALUVAz4n1

    Score
    10/10
    shurkinfostealerspywarestealer

    • Shurk

      Shurk is an infostealer, written in C++ which appeared in 2021.

      infostealershurk

    • Shurk Stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks