skuld | 98c268b55ecfe3b0dd8496f973e181e567bcfa5f92762bffe8e47039cfe232ea | Triage

Sharing

General

Target

StarsHero.exe
Size

3.2MB
Sample

241026-2naxhszepc
MD5

d4d0a5a330d40fbfa9ac9ef3bda704c9
SHA1

1822302a9655585afdb820afde271ed6ab64791c
SHA256

98c268b55ecfe3b0dd8496f973e181e567bcfa5f92762bffe8e47039cfe232ea
SHA512

ad9a9810c0d044aef36a00704974fe9f261b7d66eef40f0494817ab50644198ae32fcd436318bcd514ed831e31645cf04b1ea2749b456ab10e868effc4d37b80
SSDEEP

49152:XVUlMxh3KbgsF2ljgJcvTdqrVPLiRfYMNqusjmj3YXYUAgg+b9ub9AC5JJ9:X2l0hlsERv0J+fYMNOY2Yf+SeC5JJ9

Score

10^/10

skuld discovery persistence stealer upx

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1299857810292609034/CmvPrI4O1_Ki2MR6uQa8p7l5tp_6fFkSrqlQl4lee8GPVswb-bDC49xNFwmJAK-hRCrz

Targets

- Target
  
  StarsHero.exe
- Size
  
  3.2MB
- MD5
  
  d4d0a5a330d40fbfa9ac9ef3bda704c9
- SHA1
  
  1822302a9655585afdb820afde271ed6ab64791c
- SHA256
  
  98c268b55ecfe3b0dd8496f973e181e567bcfa5f92762bffe8e47039cfe232ea
- SHA512
  
  ad9a9810c0d044aef36a00704974fe9f261b7d66eef40f0494817ab50644198ae32fcd436318bcd514ed831e31645cf04b1ea2749b456ab10e868effc4d37b80
- SSDEEP
  
  49152:XVUlMxh3KbgsF2ljgJcvTdqrVPLiRfYMNqusjmj3YXYUAgg+b9ub9AC5JJ9:X2l0hlsERv0J+fYMNOY2Yf+SeC5JJ9
Score

3^/10

discovery
behavioral1
- Target
  
  Hero Installer.exe
- Size
  
  3.2MB
- MD5
  
  99b4eee043f43b712c55e22627e0657e
- SHA1
  
  5c52730ce0a5e5662fd4d3b31cc6808284aed4a1
- SHA256
  
  c7e5ec4788379a9dfe837b77cffccd736a89b075de9f6839b63b9a1e97cbccd2
- SHA512
  
  481093a306b7098858b3850eb4cb6994c37e2a8204d7eefcccf5bd7e1dde17a6ab9d6852cda6c2102220beb4881508ae63a08c684fae3eecdb5feeea72590976
- SSDEEP
  
  49152:6UlMxh3KbgsF2ljgJcvTdqrVPLiRfYMNqusjmj3YXYUAgg+b9ub9AC5JJ:dl0hlsERv0J+fYMNOY2Yf+SeC5JJ
Score

10^/10

skuld persistence stealer upx
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

skuldpersistencestealerupx