Extracted

• • Target

    t40bd50ace847a114b83265af91b7.exe

  • Size

    315KB

  • MD5

    302fb687c1912342845fe7aa4517754c

  • SHA1

    4b38aa9b8cc0e9696c3d79ad057d9f1caad86c55

  • SHA256

    7b2dea7a8eff410159459e3f89c5e4fa81f8b9d2f6ce02cfaf8e307f3adf9f85

  • SHA512

    7f84eb441ed7b4e0296f37cc16015d96b9cf829648e46058248d3e7b731a443e2c549f07ba7632f49f12e44d6759efdc7ccadd184a87ac2aa19597d1263931da

  • SSDEEP

    6144:8T9+O50zYvPAtwVj6XbeBuQdwLaA19bUUyFLa:84H8XQ3QdwLaZUWL

  Score

  10^/10

  gurcucollectionspywarestealer

  • Gurcu, WhiteSnake

    Gurcu is a malware stealer written in C#.

    stealergurcu

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2