General
Target: skuld.exe
Size: 3.1MB
MD5: 5837d2a6c61da20d952bcb25b0a92bf2
SHA1: 2d960f4faf60fb2ad95a5baf3aca14a9fe298956
SHA256: 32746dd24482d95d2c28a63aa5d63ab1018177eb23d114b9c501753023332c5a
SHA512: c0578b1ac2156f232766acde0aec2da0ddec2b7e13d5fe35ac0c2fe50139517d265013ae7d33a7cffa1df139f2cbf3d6bbea142591e0bb4ec58237506800dc11
SSDEEP: 98304:6pLjh0PSxB1NF+3MghGM+DH5eiidhU3u5:6p5TXF+3kG1L
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource skuld.exe
Files
skuld.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 7.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE