General

  • Target

    GenesisLoader.exe

  • Size

    3.2MB

  • Sample

    241104-cq3yms1fnl

  • MD5

    8b684724a136910f13bb804e23f6c063

  • SHA1

    d573add7ec341c34d318407041486827c0e61cc4

  • SHA256

    0b57a16929b2c048ed07a5b5a22e0615ddc54052d3bf6e159d402e1db2451993

  • SHA512

    88d495bca59669ac8a728cd09d47723098840f5dc8afff79882aad6f751b04342d82e7d144306062d5ee535730db4b6f139a81fd2a7b06658aed02eb5f2057fd

  • SSDEEP

    98304:e7Kdi/nDXpVyNpEEY3JcPr4+OUYujeXy:KKduLCNpfY3JX+vje

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1301342721436422225/ExDTQQzBSxDYOtNN8CTw_3RbcACa6OYivXeZWXNHpdqngLp7DaCNXj4g-voNo8MXkuFf
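The extracted C2 is not attacker-hosted infrastructure but a Discord webhook, so the checks a responder wants are: pull webhook URLs out of the sample's strings, validate the id/token shape, decode the creation time that Discord embeds in the snowflake id, and prepare (but not fire) the takedown request. The following Python is an added example, not part of this report or of the Skuld project; the function names are mine, and the `SAMPLE_STRINGS` input is constructed, except for the webhook URL, which is copied from the extracted config above.

```python
import re
import urllib.request
from datetime import datetime, timezone

# Discord snowflake epoch, 2015-01-01T00:00:00Z, in milliseconds.
DISCORD_EPOCH_MS = 1_420_070_400_000

# A Discord webhook URL is /api/webhooks/<snowflake id>/<token>. The id is a
# decimal snowflake, the token a URL-safe string. Also match the ptb/canary
# and legacy discordapp.com hosts, which stealers use interchangeably.
WEBHOOK_RE = re.compile(
    r"https?://(?:(?:ptb|canary)\.)?discord(?:app)?\.com"
    r"/api/webhooks/(\d{17,20})/([A-Za-z0-9_-]+)"
)

# Registry path behind the "Adds Run key to start application" signature.
RUN_KEY_RE = re.compile(
    r"Software\\Microsoft\\Windows\\CurrentVersion\\Run\b", re.IGNORECASE
)

# Constructed input: a few lines as they might come out of `strings` on the
# unpacked binary. Only the webhook URL is taken from the report; the rest is
# made up for this example.
SAMPLE_STRINGS = """\
Go buildinf:
https://discord.com/api/webhooks/1301342721436422225/ExDTQQzBSxDYOtNN8CTw_3RbcACa6OYivXeZWXNHpdqngLp7DaCNXj4g-voNo8MXkuFf
https://discord.com/api/v9/users/@me
Software\\Microsoft\\Windows\\CurrentVersion\\Run
HKEY_CURRENT_USER
"""


def snowflake_to_datetime(snowflake):
    """Decode the creation time Discord stores in the top 42 bits of a snowflake."""
    ms = (snowflake >> 22) + DISCORD_EPOCH_MS
    return datetime.fromtimestamp(ms / 1000, tz=timezone.utc)


def extract_webhooks(text):
    """Return one record per Discord webhook URL found in the text."""
    hooks = []
    for m in WEBHOOK_RE.finditer(text):
        wid = int(m.group(1))
        hooks.append({
            "url": m.group(0),
            "id": wid,
            "token": m.group(2),
            "created": snowflake_to_datetime(wid),
        })
    return hooks


def has_run_key_persistence(text):
    """True if the strings reference the CurrentVersion\\Run key."""
    return RUN_KEY_RE.search(text) is not None


def takedown_request(hook_url):
    """Build, without sending, the request that deletes the webhook.

    Discord's "Delete Webhook with Token" endpoint is a DELETE on the webhook
    URL itself and needs no other authentication: holding the token is the
    credential. Sending it is a deliberate response action, so this only
    returns the prepared request.
    """
    if not WEBHOOK_RE.fullmatch(hook_url):
        raise ValueError("not a Discord webhook URL")
    return urllib.request.Request(hook_url, method="DELETE")


def triage(text):
    """Summarise the C2 and persistence indicators found in a strings dump."""
    return {
        "webhooks": extract_webhooks(text),
        "run_key_persistence": has_run_key_persistence(text),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_STRINGS)
    for h in result["webhooks"]:
        print(f"webhook id={h['id']} created={h['created'].isoformat()}")
        print(f"takedown: DELETE {takedown_request(h['url']).full_url}")
    print("run key persistence:", result["run_key_persistence"])
```

The snowflake decode gives a creation time for the webhook that can be set against the submission date in the sample id (241104); a webhook minted days before the sample appeared is consistent with a freshly built stealer rather than a long-lived, shared one. Deleting the webhook kills the exfiltration channel for every infection using this build, but it also tells the operator that the sample has been analysed, so decide that step as part of the response plan rather than during triage.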

Targets

    • Target

      GenesisLoader.exe

    • Size

      3.2MB

    • MD5

      8b684724a136910f13bb804e23f6c063

    • SHA1

      d573add7ec341c34d318407041486827c0e61cc4

    • SHA256

      0b57a16929b2c048ed07a5b5a22e0615ddc54052d3bf6e159d402e1db2451993

    • SHA512

      88d495bca59669ac8a728cd09d47723098840f5dc8afff79882aad6f751b04342d82e7d144306062d5ee535730db4b6f139a81fd2a7b06658aed02eb5f2057fd

    • SSDEEP

      98304:e7Kdi/nDXpVyNpEEY3JcPr4+OUYujeXy:KKduLCNpfY3JX+vje

    • Skuld family

    • Skuld stealer

      An information stealer written in Go. The C2 extracted from this sample is a Discord webhook, so stolen data is posted to Discord's API rather than to attacker-hosted infrastructure.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer. A modified build may defeat a stock `upx -d`, so expect to unpack manually before the Go symbols and the webhook string are visible.

MITRE ATT&CK Enterprise v15

Tasks