gurcu | a4c58de9ff779e2b5c28d35dde1884891ab419e909e42c5a164ea576d8348e6d | Triage

Submit
Reports

Overview

overview

Static

static

1

dridex

windows10-1703-x64

Sharing

General

Target

a4c58de9ff779e2b5c28d35dde1884891ab419e909e42c5a164ea576d8348e6d
Size

62KB
Sample

230923-zmpceaad3z
MD5

5f0bbf0b4ce5fa0bca57f1230e660dff
SHA1

529e438c21899eff993c0871ce07aff037d7f10d
SHA256

a4c58de9ff779e2b5c28d35dde1884891ab419e909e42c5a164ea576d8348e6d
SHA512

ddede174b3aac4bbf434e1d61da8fa858b4bde11850a75b113376dccb7356f054a9fb696f498cb01c040cec33bb03d75c8c7b2787d46fc33569aeb753ee16131
SSDEEP

768:I6rewtkBtW3vKSuJS4/bk/4wYMucso7ufooXRsG4TsJOTYp/eKcZbsDzmiKwnq+R:nkjWfKSYS4Yfso8DXt4IroJqYPmkK

Score

10^/10

gurcu collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

a4c58de9ff779e2b5c28d35dde1884891ab419e909e42c5a164ea576d8348e6d.exe

Resource

win10-20230831-en

gurcu collection stealer

windows10-1703-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  a4c58de9ff779e2b5c28d35dde1884891ab419e909e42c5a164ea576d8348e6d
- Size
  
  62KB
- MD5
  
  5f0bbf0b4ce5fa0bca57f1230e660dff
- SHA1
  
  529e438c21899eff993c0871ce07aff037d7f10d
- SHA256
  
  a4c58de9ff779e2b5c28d35dde1884891ab419e909e42c5a164ea576d8348e6d
- SHA512
  
  ddede174b3aac4bbf434e1d61da8fa858b4bde11850a75b113376dccb7356f054a9fb696f498cb01c040cec33bb03d75c8c7b2787d46fc33569aeb753ee16131
- SSDEEP
  
  768:I6rewtkBtW3vKSuJS4/bk/4wYMucso7ufooXRsG4TsJOTYp/eKcZbsDzmiKwnq+R:nkjWfKSYS4Yfso8DXt4IroJqYPmkK
Score

10^/10

gurcu collection stealer
- Detect Gurcu Stealer V3 payload
- Gurcu, WhiteSnake
  Gurcu is a malware stealer written in C#.
  stealer gurcu
- Executes dropped EXE
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gurcucollectionstealer

© 2018-2024

Terms | Privacy