Overview

overview

10

Static

static

3

Loader.exe

windows7-x64

10

Loader.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Loader.exe

  • Size

    8.0MB

  • Sample

    230814-bkg9bagb82

  • MD5

    22fcb6e52cc1b2e7577a119a595bf8c8

  • SHA1

    e4d1de0a77a3a0fb045c4df5650d0f72093ac56b

  • SHA256

    771dd9bf1defca2c753a84213394189cbc0937d362e0ae4c93ef1f3f9d16b98d

  • SHA512

    5ee636e7b3ec1b35b98a7f4ef06c57bcf3a1fa9ff344fe753550fb42e4733757af0b27a2175daf0f4c141b2e22727d671bb3a49bde9e5a76cd179c8e106d93d6

  • SSDEEP

    196608:Gg1DvMJTJyWVSFi50E3bwcIm7aGkWakK:Gwvu1E2IKaf6K

Score
10/10
shurkinfostealerspywarestealer

Malware Config

Targets

    • Target

      Loader.exe

    • Size

      8.0MB

    • MD5

      22fcb6e52cc1b2e7577a119a595bf8c8

    • SHA1

      e4d1de0a77a3a0fb045c4df5650d0f72093ac56b

    • SHA256

      771dd9bf1defca2c753a84213394189cbc0937d362e0ae4c93ef1f3f9d16b98d

    • SHA512

      5ee636e7b3ec1b35b98a7f4ef06c57bcf3a1fa9ff344fe753550fb42e4733757af0b27a2175daf0f4c141b2e22727d671bb3a49bde9e5a76cd179c8e106d93d6

    • SSDEEP

      196608:Gg1DvMJTJyWVSFi50E3bwcIm7aGkWakK:Gwvu1E2IKaf6K

    Score
    10/10
    shurkinfostealerspywarestealer

    • Shurk

      Shurk is an infostealer, written in C++ which appeared in 2021.

      infostealershurk

    • Shurk Stealer payload

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks