Overview

overview

10

Static

static

5

hilolxdbyelol.exe

windows7-x64

10

hilolxdbyelol.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    12s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    10-11-2024 10:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    hilolxdbyelol.exe

  • Size

    3.2MB

  • MD5

    201b62987a6448b1ed7d4c7c634e4401

  • SHA1

    3f9f029737bc56e4a23b8a64d6603856b3c16f0a

  • SHA256

    2f0a0e4dff70b193c9f6766675be03126bcf1c796781d04714ccb5443942afd9

  • SHA512

    decd1598075057f25db2d8e719917622d6b7dffd24529b9aba60952d8768d4e159e48aa91fba46c44e8c38c5aa37240b7f489dac5a10ba0740a7b44f009367cb

  • SSDEEP

    49152:sZIS5uiyrDVujrZ7Ja+OMDQAf5rIQUlIne5fMlg7l3VzIlXs+FMOiJCxu499:ep5arDwdjOMQAf53emlgp39GXFFMq

Score
10/10
skuldstealerupx

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1305119518217211957/zCd3-6tFpgrOizgbucdSd1OdGvsc8EMAAVbe5qCBCGgMhVWFRPLgQcy2BWXTkeFrj4iQ

Signatures

  • Skuld family
    skuld
  • Skuld stealer

    An info stealer written in Go lang.

    stealerskuld
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\hilolxdbyelol.exe
    "C:\Users\Admin\AppData\Local\Temp\hilolxdbyelol.exe"
    1⤵
      PID:2484

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2484-0-0x00000000008F0000-0x0000000001338000-memory.dmp

      Filesize

      10.3MB

      Download

    • memory/2484-2-0x00000000008F0000-0x0000000001338000-memory.dmp

      Filesize

      10.3MB

      Download