skuld | fdfba94118a83e52142821d091e2bba6bca54d18521745c3ee4ae8b9d1de5ddd

Sharing

Copy URL

Twitter E-mail

General

Target

slinky.rar
Size

78.1MB
Sample

241108-bl3awavjcp
MD5

a8f7758fef3de9737d2f87c21a49369c
SHA1

e6e9668543f9b8d841ae3ba829b3ef23fc930f24
SHA256

fdfba94118a83e52142821d091e2bba6bca54d18521745c3ee4ae8b9d1de5ddd
SHA512

a6cf00026e11c656ae2ccb0e19ba575c1f255916116137334a7db1e63271472fabd2346dbff304d93c3b100a661dbb9f3ad188c71d35d2ed23d538de8e881ea3
SSDEEP

1572864:+LN64E+B4WDiHnbLj5CxXrD2Nz4+FT5sX5XXTnKhGOt3KmftOZTa9:+Lw+BdDgjKXfa4I5sJnzKTtHtwe9

Score

10^/10

skuld

Malware Config

Extracted

Family

skuld

https://ptb.discord.com/api/webhooks/1296774769303359571/SuAqJEaZ8HyMJeY4XNdTzjqboa7EQQC9NlFu7Nm8gWVWabNPEFyEqvUIK1mdFAcYMMWN

Targets

- Target
  
  bin/Accessibility.dll
- Size
  
  19KB
- MD5
  
  ee37842ca98dcf5e05ef2cd37ba7b192
- SHA1
  
  c5bacae0f7221824c4a6e836636d4f995581c166
- SHA256
  
  3b2fb9f8a86546c3369819611cad29a037eb9dda399c7894f8332350d05dc30f
- SHA512
  
  ede609220c52a8ec5fec6c8e6f0a5425526843fde4814ed4a79609fe706b13a12708c79a28662faa9833115100d5dbf88e0024551611cfe838a67213956acdf4
- SSDEEP
  
  384:3WI/W82rkSiVKmE+FNZgOcHi+/dHRN7KfVlGsa9QAR:LAEEfOcHFFxHR
Score

1^/10
behavioral1 behavioral2
- Target
  
  bin/D3DCompiler_47_cor3.dll
- Size
  
  4.3MB
- MD5
  
  7641e39b7da4077084d2afe7c31032e0
- SHA1
  
  2256644f69435ff2fee76deb04d918083960d1eb
- SHA256
  
  44422e6936dc72b7ac5ed16bb8bcae164b7554513e52efb66a3e942cec328a47
- SHA512
  
  8010e1cb17fa18bbf72d8344e1d63ded7cef7be6e7c13434fa6d8e22ce1d58a4d426959bdcb031502d4b145e29cb111af929fcbc66001111fbc6d7a19e8800a5
- SSDEEP
  
  49152:aYlc/220PPiMLKam+VMrLi21f4i3jn5ZO3XUDmOZQwVd2uQpN3WsGVUWd55i/jrs:a6KD2Mrdaix4NQnLt
Score

1^/10
behavioral3
- Target
  
  bin/DirectWriteForwarder.dll
- Size
  
  485KB
- MD5
  
  fe18b6ed4c63d18156217dc30f1482e5
- SHA1
  
  1d1eccc4e03b086d49c453b4e5716e164892f006
- SHA256
  
  1f1093930ebc3779f2d4659ed3a31fd05cfa1dbffc0f7575955cb28e7b990c64
- SHA512
  
  c5c6e64eb2ab0ef93f6d823e002f895333983f4d151ac7296c7de65e9fb8096502f8db3035ded3612fb9c6c99a8a1c09c81c3ff84dca7e1b5c5b803d10e36052
- SSDEEP
  
  6144:aWmS5E0UvK2VMFiQT29ukf5rP22hTITqu2C9Bj1LRP60M8xsVaam53EvW+0Y9seY:aWmaMVMFoxuTRghYZIHQa12N
Score

1^/10
behavioral4 behavioral5
- Target
  
  bin/Humanizer.dll
- Size
  
  207KB
- MD5
  
  5fc547c851275cc7a1227843c7b35daa
- SHA1
  
  5e22f33bf7dfa5047fc9f661cf7ae069832bf006
- SHA256
  
  40dff6faebcc6e2babe37003853509b2050e806edf3c5f141fbb85fdc0d1bea7
- SHA512
  
  3382ec32d38bac335fb01464337bc0189a1f8cef33fb94c5d99c02655b4c14160fdf02786789a9687c1d651af0ca1a2b55417e8f32570ec5355e44624266acca
- SSDEEP
  
  3072:3EMxgfS3v/xcvZL8i6KHgFgJyEnJi5NV2XpFY7oejVLqoLbBr6h7sA/:37xgf+WlJiJ2XLYMejVTV6t
Score

1^/10
behavioral6 behavioral7
- Target
  
  bin/ICSharpCode.Decompiler.dll
- Size
  
  509KB
- MD5
  
  3f0b190b2c3de675c5dcd932ceecfe98
- SHA1
  
  f0c5c533ac50f0009ab3bc7ed2935b2cfbf01d55
- SHA256
  
  eea43e707cc5212eb2c32f788df7441b47e5e13ef6ef4a3a9bf2cecba3d51bc0
- SHA512
  
  907b047d0f679ae657083d3c7aea5daed2c1aa678d35674f0c23438c2a2e7e61ca19b2f362294ec6d7edc9b9367659594cb071d4deadd97d3375f71cf83c74d1
- SSDEEP
  
  6144:3Nulek0dQJywv/2ABniCx3DIWBQREWTWRKKxJ3s6gLP961yMINV6X20qlJJY+K:3ogpdQ0CFIytT5gMIhlJJY+K
Score

1^/10
behavioral8 behavioral9
- Target
  
  bin/ICSharpCode.NRefactory.CSharp.dll
- Size
  
  576KB
- MD5
  
  bb9b505e8de119d455b960dcdfd1379b
- SHA1
  
  7e513fae3fbee42a8321e2dd25715552a8e54acc
- SHA256
  
  9e5990f9b907e29a1b3cadecc278df05f27eb0e6130f135beb4b0152ccf2e9d2
- SHA512
  
  aa307588a0116472af36c8b4accf221d352e0b35e83f4861f661cc1caff5603128775ec3eeb5537ec3b66f946ac963133a62fe52f18349927edd9f8dc0cef66c
- SSDEEP
  
  12288:ItCo5SPhdfREvnwYCA+zkPggzWKOPKdCCfnPGJKI/k+5fxgyH1JZFkHHLVX4xbc1:TyO+Yse
Score

1^/10
behavioral10 behavioral11
- Target
  
  bin/ICSharpCode.NRefactory.VB.dll
- Size
  
  193KB
- MD5
  
  105185942e3b82168e85aca9245f177d
- SHA1
  
  c72a5b96d4831cdbcfbe401700becca8f9f58786
- SHA256
  
  54b757f43b63946b9e666c827f0023dce715ae09c45d762d267a08866fd9657c
- SHA512
  
  f869bf91fd30ca9cfe4bff42920e5b6cfed4646ce8839fc0875c83218821e96639558942215f9c43d24dbfe2a008bab8971d24b52407df9a4504cfe219e4fb04
- SSDEEP
  
  3072:PxvLbDjY3yiq/5WtOmas2MY4aVP/lTCcWlR0L2Pjs9vN7mGT:lLbtSQM5tbl7M7
Score

1^/10
behavioral12 behavioral13
- Target
  
  bin/ICSharpCode.NRefactory.dll
- Size
  
  280KB
- MD5
  
  599ac99e9726762a0430ca3c3b77f3c5
- SHA1
  
  889b575c6de2bcd8eda28fe3dc75879b388622fd
- SHA256
  
  7ae880504db44b9811d57c615e42107c2aace31a2683a83bfad2e00f4e03beef
- SHA512
  
  bd459ef5f0599eeb0601b7fd219db7aaded22c193a3672da057da84062c5cd50abe252564cb38233bd1cf886ed2353ecad5851a97b95fce8b3bebf1d61df87ff
- SSDEEP
  
  6144:26ene6DxXV3tcP9LT0WdT0eM3jTLdKlyn+lR+3Y:26eeuxhtQTDM3jTLdKlyn+lR+3
Score

1^/10
behavioral14 behavioral15
- Target
  
  bin/ICSharpCode.TreeView.dll
- Size
  
  58KB
- MD5
  
  1c754b4cf6bb9d6f36132b0dd0042a89
- SHA1
  
  490a800de4ba5ab32c7c5d04e68b4e23abde3666
- SHA256
  
  af3e6cef5342c7d7dd813913dde2c765c1501ecf0832397dbb631cd5d15dda21
- SHA512
  
  b61f4cf7f599db4b3083cd5e9f739afa239f408e6ead3bac7eed47babe8a8fde6c76110e8ff237606dd7176f4bc3ff56676f71f8ca329e46cc93439fbe2dd170
- SSDEEP
  
  1536:8jwWaYuo0UVdlY4dDAtV2n//bbvlZhtTVDS1UFL6THwLurd:8U1Yuo0UVLxOUn//3NtCUeB
Score

1^/10
behavioral16 behavioral17
- Target
  
  bin/Iced.dll
- Size
  
  1.6MB
- MD5
  
  664c15683a6a3fb4204d5f1ff42e2e5c
- SHA1
  
  181591babf235320241075da4c60d1bfe21c8285
- SHA256
  
  dec71b0af2c2267fa1ca8d1465faf914ab5350c7407d0e35edd690d1b4f421fb
- SHA512
  
  cf5f17bed9e4b437c7354a1495a009de1f3ac3ffd1b59f9b8662b12c30f0c2e5e8f8f65610a433ff0be099963bc6c8a2a236bbdc8e8a0d8f35ef401da1fe06ee
- SSDEEP
  
  12288:TSDMaFobUafDLGzkXNWx5g/nKjysieauTB6TJGv7FN7Q/918Gs2jRweNsUTrk61U:CkdWx5LvM/n1weSUTrk61uihPQ
Score

1^/10
behavioral18 behavioral19
- Target
  
  bin/Microsoft.CSharp.dll
- Size
  
  969KB
- MD5
  
  bdf6562009602901303b767a491d38e2
- SHA1
  
  a1f3a8ba254643f2d5ef5c3a2b0cf9ce253156d9
- SHA256
  
  4179e606cef583e8ea2e022e66a9c1320b2234be6663cf96133cb7bd2e89c084
- SHA512
  
  e1f00a4e54c251d9051ba59e0a98c4dae0bfcf891895b1128d70122b5eb451628c60ee04f419a22d0c7247c80d7f98f08958ae8d28c2b49e84e70a5d5897e60c
- SSDEEP
  
  24576:v8CEpORInlfl9o9yH8jIDmAp5zn6xO6p1HufYwdHah:tSd9o9yH8kDmAp5n6XHCRZ
Score

1^/10
behavioral20 behavioral21
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.ExpressionEvaluator.dll
- Size
  
  99KB
- MD5
  
  c093e7d2deac718331b5a1f90a296e82
- SHA1
  
  57b1e624faa420481a1b8efff8949a8f3a69c010
- SHA256
  
  afdaf3294c67480ba855ca06f6750762a7828d4a104d79a32569c6f334a743c1
- SHA512
  
  a6602766979a732885f6ffc1bc5dbaf9f2e4dd9640bd8e3478d60bc3114a0e62180b3d7e59d3707a48890beffd0bfcff2d32e0fd50d43d5a380fbbbe379a741b
- SSDEEP
  
  1536:Rbf5/T3RO4A67T0V3etHeI43tvlKKmCuwMvNtO8P/aqCYYISv74osfy7NB6S+XPb:1V3A4AoHf4dvAKmCuwMS8X1LYIn2m7
Score

1^/10
behavioral22 behavioral23
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.Features.dll
- Size
  
  955KB
- MD5
  
  d0b6f0df27507b3321e57b04b15cccd6
- SHA1
  
  82940bc154bc81a18bb4678f60a4de268c6babf9
- SHA256
  
  fd7c989836facb6341057062bb87ae35ecce722de3329cc63930bc0d875dc1f8
- SHA512
  
  e7a78e8a4dc3d31c16ba8a3ae1c62bfb6f8267b80e58468190e4044494ac727d6b9f521209c0e749cd53e6059c82542c3f773d9e5cbf97816b4e9be553a7d49f
- SSDEEP
  
  12288:rqRBrFpSQor5EjxSKV1W+OWPb1sbTfncPAqoBPxfeh7z:6eQnVswsbTfn7Oz
Score

1^/10
behavioral24 behavioral25
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.Scripting.dll
- Size
  
  28KB
- MD5
  
  975129c8b6a6e514c231441630179bd7
- SHA1
  
  6e0d9e9abe646d574eebaa5359b9e16d6407a722
- SHA256
  
  c7b0746b960654a0cb51df95feb1fcd16b8ba99a1369a5603b00abcf31cb6b44
- SHA512
  
  e2919caaf0bf3a22dca384bb257a075513829bba71d4e9babe5e64d995fb26a43858a75f883811ef50be9c49a7b22a3a79943eb157adc464a6fae65ec0c29535
- SSDEEP
  
  384:SnkPsVDzfK8DkGP4D8oewY2kGqln2XhtmGkIcyWkVfW8S/0Lg/dl//Hq:kkGfdna8oe6lq12XhwGkTYRS8AK
Score

1^/10
behavioral26 behavioral27
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.Workspaces.dll
- Size
  
  692KB
- MD5
  
  7a56b5cb02da5b7208706ee49abd9d43
- SHA1
  
  a331b07be743af5ba274249687578a28ce7b68eb
- SHA256
  
  310ebdfce5f3ffa522fdce334fae8938cb1db3fa887c4e7218e90e78c7a90e67
- SHA512
  
  8c94439daa5b506500099d1549fee089640b65c8209665a42987d5401d664528d539adcfd992cbb66d740cdd377882e385d561476818cbdc28dc7a8bb19963a3
- SSDEEP
  
  6144:VYbRJSfgneMuliMfTxwbxwgnjXP2V1Yh7TCJfNwIewaIRIfhCGz5Xo0gGfQmDm8K:LwsNfTxQx36V1YhOqIDu4fz8s8h9Y5R
Score

1^/10
behavioral28 behavioral29
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.dll
- Size
  
  4.7MB
- MD5
  
  38343f3d8108eed296fdf5aa19102e20
- SHA1
  
  f0995115254a0a76ac05329812368674dfa4f2ff
- SHA256
  
  75e17c4aa3d0374ecf1d04c2de449f6eee9f13cf5f291bb8c8c0d170b1cea4c8
- SHA512
  
  ea34cafb1af2abacbdaa826c3b060fd2772a912e5497e3fd373a5f88c3ec0a122671c55b541bb2f56cb8f8d86e9dd236aa3b61869d1589e3d97b7683564c2a7d
- SSDEEP
  
  49152:gLlgqJOlmNmIFmLaXyXXjZJ0NZg39C+SDm00zc95YXjlB42hmNJQtf:tP4xWXXjZJ2Zg3VT+6jvb+af
Score

1^/10
behavioral30 behavioral31
- Target
  
  bin/Microsoft.CodeAnalysis.ExpressionEvaluator.dll
- Size
  
  66KB
- MD5
  
  74df985b48b8cfbf96fbca0248591d74
- SHA1
  
  0630e74fd47b2b675524e4e628bfaf6e9b79e964
- SHA256
  
  b130cfbb4dd9855cbd6627755e3826f90585f5891edb037515b74d8af80a90fd
- SHA512
  
  a0c17a51db9dcc3855e3e0ae4989fbcabad756dcfc763e1ca0b11932fa606c6113e9e10c0fb0c4a0a92abba5f7f0bab6135950cfe4112f64a918c4398fb45a1e
- SSDEEP
  
  1536:CeYDhga9x5QnTW3bX3XOKhHPiwLRA1BdAbRW:taGaaW373XOKhHPiwLRuBdAbRW
Score

1^/10
behavioral32

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32