Overview

overview

10

Static

static

1

URLScan

urlscan

1

https://cdn.discorda...

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    https://cdn.discordapp.com/attachments/1282151429091495947/1284316095909462066/hitman_pro_cleaner.exe?ex=66e63012&is=66e4de92&hm=58f5e507c5c932cb81c124dd0a79635bfd349657f1b2d1d54fffd523b312e7df&

  • Sample

    240914-a87nfaygkf

Score
10/10
skulddiscoverypersistencestealerupx

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1284308524209274920/ikoVoSu3wRmliQXetlfjDeJ0If_LEtLUXWl74ye3m44Z-EW5J-32znogAKGrVj1xQJDa

Targets

    • Target

      https://cdn.discordapp.com/attachments/1282151429091495947/1284316095909462066/hitman_pro_cleaner.exe?ex=66e63012&is=66e4de92&hm=58f5e507c5c932cb81c124dd0a79635bfd349657f1b2d1d54fffd523b312e7df&

    Score
    10/10
    skulddiscoverypersistencestealerupx

    • Skuld stealer

      An info stealer written in Go lang.

      stealerskuld

    • Downloads MZ/PE file

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v15

Tasks