Extracted

• • Target

    cmd.exe

  • Size

    9.9MB

  • MD5

    9478056827dc985dba17b6c55e3cb928

  • SHA1

    3cf6e9b6f1e3f3bf81ea6bcf5d18daa834d953ff

  • SHA256

    063e987f285254ba377777908c86776620eb52bd075e3bc9c7c35afb483eadef

  • SHA512

    d4f78e67f43533152c9cfb0abb3044a0bd17054a845b8ae5033f0f46c43b4772cc3691373cfd3c346f9fe9169dbb280fd158d6e8b90c176cbe19954c33690754

  • SSDEEP

    98304:OzU4brhxBASgf/gEpiji6Ig8TWAiEIICafZm/mbnXg:OxrhxBAGZji6IdThvRTXg

  Score

  10^/10

  skuldpersistencestealer

  • Skuld family

    skuld

  • Skuld stealer

    An info stealer written in Go lang.

    stealerskuld

  • Adds Run key to start application

    persistence

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2