skuld | 54dc9f8c8ee674011484b587f1b8bb9263627ce6e38269fab00f0e3d2843994b | Triage

Sharing

General

Target

main.exe
Size

7.5MB
Sample

241102-l8b3batlan
MD5

3a26ed8326d2cacb7dbfca21ede0a7ec
SHA1

e1390d5fad0850e2697fa92e1b8b3e295746772a
SHA256

54dc9f8c8ee674011484b587f1b8bb9263627ce6e38269fab00f0e3d2843994b
SHA512

4a6cf8c5b4c1decf71d0ec1143afc4b8fd0bcb47be9015348b31b2180eead4405fac5d0cde7c2f461f79c874bd0e9dfc5d5a71e4daee8d5f8e395adb4917d116
SSDEEP

196608:VCfEaDlKHFDrgqQft5x3kJ0INrKAI7Y6tCz2UnzXL:VCcoGFrgr1L3C0elCCz2UnzX

Score

10^/10

skuld persistence stealer upx

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1302202147064119357/E-X5awV-gyAF3En53aWIADdVrCfZRUhTifv9oA7SuxuNOoWYtSX7EiDlFwWQPiNcLepI

Targets

- Target
  
  main.exe
- Size
  
  7.5MB
- MD5
  
  3a26ed8326d2cacb7dbfca21ede0a7ec
- SHA1
  
  e1390d5fad0850e2697fa92e1b8b3e295746772a
- SHA256
  
  54dc9f8c8ee674011484b587f1b8bb9263627ce6e38269fab00f0e3d2843994b
- SHA512
  
  4a6cf8c5b4c1decf71d0ec1143afc4b8fd0bcb47be9015348b31b2180eead4405fac5d0cde7c2f461f79c874bd0e9dfc5d5a71e4daee8d5f8e395adb4917d116
- SSDEEP
  
  196608:VCfEaDlKHFDrgqQft5x3kJ0INrKAI7Y6tCz2UnzXL:VCcoGFrgr1L3C0elCCz2UnzX
Score

10^/10

skuld stealer upx persistence
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

skuldstealerupx

behavioral2

skuldpersistencestealerupx