Extracted

• • Target

    CBLines.exe

  • Size

    9.9MB

  • MD5

    6b4262cd05ab0f1db238e89d2bf1d21f

  • SHA1

    affae24bd3cd439c704100de5cd65e5729465284

  • SHA256

    4cc9f1e397b2077f370e5291afd1a03aac07b1a29e17c88ca2020ae6e695835d

  • SHA512

    e2f2e2c655b7992df253ea97a580088e752cd8e74f215782a2ddfe9f184de5109becef5c141c5631c1eb353109d2d2adacd418cea12dbd0014ec0c3e8f843885

  • SSDEEP

    98304:LQI9wzKxmhMIIKfGTibiyCC9cK8IE2ICafZmwjsEejd:LIzKxmhhtbiyCicRhDUjd

  Score

  10^/10

  skuldpersistencestealer

  • Skuld stealer

    An info stealer written in Go lang.

    stealerskuld

  • Adds Run key to start application

    persistence

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2