skuld | 6e40a38ba66b802dc1a8aa811b0a090651f486cc937bf70809a48186a1e2742b | Triage

Sharing

General

Target

stash.exe
Size

9.9MB
Sample

241109-3x4rmatpfy
MD5

40ad54e33822abdcd90635d7c67177b3
SHA1

53b241134681528e5d03094d166d6d8b6f2af1a5
SHA256

6e40a38ba66b802dc1a8aa811b0a090651f486cc937bf70809a48186a1e2742b
SHA512

ff88038919a13fd12e0dea90234a38103a01af0b909618c25933e42a0f85b019b8ff3fdde357b2dc5dbd8b437bc273571f639dd2a7a82fe69b3b95c01d27c967
SSDEEP

98304:eQ8s/OFn5xf/vu/JzTTSdObLjCoZ866ExDxgCZmBoH9S4XO:Z83nbf/vAZhLjCoq6nLQ4PX

Score

10^/10

skuld persistence stealer

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1304955469110055034/m1QTVUBhcZccEpwJaZfvBzrHfDfS7LV_UkVwHOOsYgkvP4PL1bwN71LIje8gpF5r_dPf

Targets

- Target
  
  stash.exe
- Size
  
  9.9MB
- MD5
  
  40ad54e33822abdcd90635d7c67177b3
- SHA1
  
  53b241134681528e5d03094d166d6d8b6f2af1a5
- SHA256
  
  6e40a38ba66b802dc1a8aa811b0a090651f486cc937bf70809a48186a1e2742b
- SHA512
  
  ff88038919a13fd12e0dea90234a38103a01af0b909618c25933e42a0f85b019b8ff3fdde357b2dc5dbd8b437bc273571f639dd2a7a82fe69b3b95c01d27c967
- SSDEEP
  
  98304:eQ8s/OFn5xf/vu/JzTTSdObLjCoZ866ExDxgCZmBoH9S4XO:Z83nbf/vAZhLjCoq6nLQ4PX
Score

10^/10

skuld persistence stealer
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

skuldpersistencestealer