skuld | e5dd8734559a07856c50fdbad7c49ecb14c5d2cf615e096d35abbea0442e3c8f | Triage

Sharing

General

Target

Loader.exe
Size

3.2MB
Sample

241104-e6tq1svakl
MD5

0a4c593507a31d3f4253df9acfb18685
SHA1

03d6f7fc3bea683c115125e9693c31988502910a
SHA256

e5dd8734559a07856c50fdbad7c49ecb14c5d2cf615e096d35abbea0442e3c8f
SHA512

5cfbfb39a9bfe0d46cc551863c5049c9aa8352c24ffaa8cd5b52e227dee88006610c5bb58b3bc49f6fedfbb7fe996a0a3c9b2d6bf31f770569d456984455628b
SSDEEP

98304:0Do8NHCp5zjlB5FR545qF90ix9OtPnoplk2n:0h0FjlBt5nx85gk2n

Score

10^/10

skuld persistence stealer upx

Malware Config

Targets

- Target
  
  Loader.exe
- Size
  
  3.2MB
- MD5
  
  0a4c593507a31d3f4253df9acfb18685
- SHA1
  
  03d6f7fc3bea683c115125e9693c31988502910a
- SHA256
  
  e5dd8734559a07856c50fdbad7c49ecb14c5d2cf615e096d35abbea0442e3c8f
- SHA512
  
  5cfbfb39a9bfe0d46cc551863c5049c9aa8352c24ffaa8cd5b52e227dee88006610c5bb58b3bc49f6fedfbb7fe996a0a3c9b2d6bf31f770569d456984455628b
- SSDEEP
  
  98304:0Do8NHCp5zjlB5FR545qF90ix9OtPnoplk2n:0h0FjlBt5nx85gk2n
Score

10^/10

skuld stealer upx persistence
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

skuldstealerupx

behavioral2

skuldpersistencestealerupx