skuld | d2eaee32dee01579196e56203860fcf7280b1e327e6c37aaea3842477610154a | Triage

Submit
Reports

Overview

overview

Static

static

slinky.rar

windows11-21h2-x64

8

Sharing

General

Target

slinky.rar
Size

26.1MB
Sample

240812-2rgjgavepm
MD5

2c6bddc33cec241b955de61acf5b3443
SHA1

d0d7fd56c6801edfe7d630e1760b4898b0a96010
SHA256

d2eaee32dee01579196e56203860fcf7280b1e327e6c37aaea3842477610154a
SHA512

a95254ccf49431214638205a404bf022c2dc0de45a46ff412d1161998274e1e72f71656e1814780e34acfb4dc51ddfdf7ea8408342152f66e2cdf6ff29448b63
SSDEEP

786432:muYvfKGq1vSjY/DY3MacWVHewsG483Z6bD7N:mPvfKGqJS8/DnALsG6HN

Score

10^/10

skuld defense_evasion discovery

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

slinky.rar

Resource

win11-20240802-en

defense_evasion discovery

windows11-21h2-x64

18 signatures

300 seconds

Malware Config

Extracted

Family

skuld

C2

https://ptb.discord.com/api/webhooks/1272127018074640406/dHVa75jSMPaiEdYbiSLUjNWITHphosFrlmkfwpka_RSvNBCLhgp_ZiHAdnIAbdCZnLgB

Targets

- Target
  
  slinky.rar
- Size
  
  26.1MB
- MD5
  
  2c6bddc33cec241b955de61acf5b3443
- SHA1
  
  d0d7fd56c6801edfe7d630e1760b4898b0a96010
- SHA256
  
  d2eaee32dee01579196e56203860fcf7280b1e327e6c37aaea3842477610154a
- SHA512
  
  a95254ccf49431214638205a404bf022c2dc0de45a46ff412d1161998274e1e72f71656e1814780e34acfb4dc51ddfdf7ea8408342152f66e2cdf6ff29448b63
- SSDEEP
  
  786432:muYvfKGq1vSjY/DY3MacWVHewsG483Z6bD7N:mPvfKGqJS8/DnALsG6HN
Score

8^/10

defense_evasion discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

SIP and Trust Provider Hijacking

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2024

Terms | Privacy