General
-
Target
fb1b85b57041bc462f876726f8a16659.bin
-
Size
5.5MB
-
Sample
230716-cy3b3scd36
-
MD5
0fe511fcc77fa3f23adb24c0453c9313
-
SHA1
56f3186f954c6d266dd2693703b6fa7f2de153d6
-
SHA256
0e47c3f042b46b7561d351fd9b4f14c6ef3213c748421c3256eb28d376bef1d5
-
SHA512
c2b12759a454c2318916ee5dee877d9200edb2603cc30a5b16c47affb9aa3891ac103d78580e3b940b26288db7bfc2ae4c2e8c504a0f42df7a2321b19629c35e
-
SSDEEP
98304:oglzoAt8e6HhO0QjyW36+HKBuns4V2WtDLzCMhvdJrZBAUzC:ZoAKe+QJb36+HnnlV2WteMh1J4v
Malware Config
Targets
-
-
Target
1d386f96ab141c7bd7dfb8dfe9e747143670996a7b3d5a4c224c34e8a5973379.exe
-
Size
6.6MB
-
MD5
fb1b85b57041bc462f876726f8a16659
-
SHA1
c2b93b37e4d2d770dc4c6b33882d9217aebe3729
-
SHA256
1d386f96ab141c7bd7dfb8dfe9e747143670996a7b3d5a4c224c34e8a5973379
-
SHA512
1ee64d93b2c36ba2d8ada0f67e7a0630408d5a5cf4ebbbb47dcbabc6d6e9b5e896ac96e902b56f5b0a7423e0da9a1703a213a6bf276b8d4d55b8da080548cfaf
-
SSDEEP
98304:F0NytytRQ+MK8dkb8BET69lUz2sDwzKFpWS2r:F0NytytRQ+D8dkbAEG9OzUzW2
Score10/10-
Shurk
Shurk is an infostealer, written in C++ which appeared in 2021.
-
Shurk Stealer payload
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-