shurk | 240c73bd79b521aa5cec91153917929082b969d37387f82554636c16f0ec5e26 | Triage

Submit
Reports

Overview

overview

Static

static

3

AkebiPrivate.exe

windows10-1703-x64

Resubmissions

23-07-2023 20:32

230723-zbfk5ahb4z 10

Sharing

General

Target

AkebiPrivate.exe
Size

7.8MB
Sample

230723-zbfk5ahb4z
MD5

397a2465056330bcbfe99dbfc5e1b844
SHA1

5445d768d1d29c649add2cbe89b22462543fe03a
SHA256

240c73bd79b521aa5cec91153917929082b969d37387f82554636c16f0ec5e26
SHA512

30aafbbd19f53adfcb5078109b550a3d105b19efe14075a6dabefeea7b6314e55b78c08a64c3d658369eec44eba1e4d97c6b1bfa7523bf11a3f45abc38467e28
SSDEEP

196608:PBZS6ykGjALAZRvMDfFnLTuref1hh/TPTS4nzsszTR7Ap:prygLAZknLTuref1hh/bTS4nzsszTRsp

Score

10^/10

shurk infostealer spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

AkebiPrivate.exe

Resource

win10-20230703-en

shurk infostealer spyware stealer

windows10-1703-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  AkebiPrivate.exe
- Size
  
  7.8MB
- MD5
  
  397a2465056330bcbfe99dbfc5e1b844
- SHA1
  
  5445d768d1d29c649add2cbe89b22462543fe03a
- SHA256
  
  240c73bd79b521aa5cec91153917929082b969d37387f82554636c16f0ec5e26
- SHA512
  
  30aafbbd19f53adfcb5078109b550a3d105b19efe14075a6dabefeea7b6314e55b78c08a64c3d658369eec44eba1e4d97c6b1bfa7523bf11a3f45abc38467e28
- SSDEEP
  
  196608:PBZS6ykGjALAZRvMDfFnLTuref1hh/TPTS4nzsszTR7Ap:prygLAZknLTuref1hh/bTS4nzsszTRsp
Score

10^/10

shurk infostealer spyware stealer
- Shurk
  Shurk is an infostealer, written in C++ which appeared in 2021.
  infostealer shurk
- Shurk Stealer payload
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

shurkinfostealerspywarestealer

© 2018-2024

Terms | Privacy