skuld | 666830e77c54ae9101711bf5188ec509ea1e63248338e02cea0a90759ca5fc8e | Triage

Resubmissions

08-11-2024 00:30

241108-atn8js1eqd 10

Sharing

General

Target

stash.rar
Size

3.6MB
Sample

241108-atn8js1eqd
MD5

6ad13ace8cd873abb403d0fed31c5c87
SHA1

be0cd2116b30059a0ffbd7bab9275d81dc591c6d
SHA256

666830e77c54ae9101711bf5188ec509ea1e63248338e02cea0a90759ca5fc8e
SHA512

abbd925904a393ccf77e3ecb62ba0d0a80b00a584c13bc86a92fb8d08f8db736c75747039b6c69de5c841f94a65e6e710845cd3d69951a7b8663741b8bfad130
SSDEEP

98304:OacFLzzt29YKNm+qFs+q4pMg6KRZRKPH5hSF4hqvM:VcFLftcNm+quopcKdKBo4EvM

Score

10^/10

skuld persistence

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1304194253387206718/6B-P1dSV3aweeugFt1e_YMqZRokv6G5iywdNft3wl2Oy6zXt9Q0DD2bwKuXorZTAtPZ4

Targets

- Target
  
  stash.exe
- Size
  
  10.0MB
- MD5
  
  0d2168c21b4f8b5939889b1e4326271f
- SHA1
  
  342426bc1a07d4e9c51e2e23eefe799bb84b4bc2
- SHA256
  
  b0681b57abd9c2f2f914dab62343f95d99d1220826a53bfc58d932add5a60ba1
- SHA512
  
  f553ffd69181ebb86f7795f7be1158cc638cf42d3931f0757983d86ba3fc94bd3103a78f806c00e8cae44891cf128d39c68c42be576751bbac196e259b72cf6f
- SSDEEP
  
  98304:JqAJuKBKT5FgjCg0ZTLf7eAO7CFjEED2gCZmVz:AABK5F0en7eAOmFw3Yz
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2