skuld | 47736ab0086f8fff2e922aa17512a0659832c308b723efbceee35f93d31091c1 | Triage

Sharing

General

Target

synz_newest_9-28-2024.exe
Size

9.9MB
Sample

240929-q4dgsszeme
MD5

021614fb40506a29c35d4beb8e9a257c
SHA1

184f16ab0e17eb3b9504eb57f8aa4f3aadf86ce1
SHA256

47736ab0086f8fff2e922aa17512a0659832c308b723efbceee35f93d31091c1
SHA512

d6aab770ebc21c283e5188745df15a1247b83ad4f1695ba659ff7d03d4a6dbb256793d025a56a0fa93898b8e5d38351af35f17d8a5532c4cad7f6392fcf35166
SSDEEP

98304:VqjRuMb60fkT9y03ldHxJOjSOvBvdzEpfn2v/ZmaGHMd6:gj7WmkTf9OjSOJvdgUPGHQ6

Score

10^/10

skuld discovery persistence stealer

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1287929501275127819/Vad7__mR0RgQZr-7HVuAVCato4JnEC1hMgX9aqegKbddRUzYphy8Zz2n_ZlFaWIXOvbv

Targets

- Target
  
  synz_newest_9-28-2024.exe
- Size
  
  9.9MB
- MD5
  
  021614fb40506a29c35d4beb8e9a257c
- SHA1
  
  184f16ab0e17eb3b9504eb57f8aa4f3aadf86ce1
- SHA256
  
  47736ab0086f8fff2e922aa17512a0659832c308b723efbceee35f93d31091c1
- SHA512
  
  d6aab770ebc21c283e5188745df15a1247b83ad4f1695ba659ff7d03d4a6dbb256793d025a56a0fa93898b8e5d38351af35f17d8a5532c4cad7f6392fcf35166
- SSDEEP
  
  98304:VqjRuMb60fkT9y03ldHxJOjSOvBvdzEpfn2v/ZmaGHMd6:gj7WmkTf9OjSOJvdgUPGHQ6
Score

10^/10

skuld discovery persistence stealer
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Executes dropped EXE
- Adds Run key to start application
  persistence
- Legitimate hosting services abused for malware hosting/C2
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

skulddiscoverypersistencestealer