skuld | 74da122cf8e7a07e4aa0274b98ccfe093dca58a69cbde44c118915f07d3ec8f6 | Triage

Sharing

General

Target

setup_gens_localserver.exe
Size

9.9MB
Sample

241212-3jxq6a1maw
MD5

7eb390f4439aaaf6424cf578d1d52ebf
SHA1

4c0545c16801e994fa4aee68e83dea19db06de9c
SHA256

74da122cf8e7a07e4aa0274b98ccfe093dca58a69cbde44c118915f07d3ec8f6
SHA512

a0c2127e8cd7f2616fa5496dd1e579f324eecd8978eae41aeaaae25453235de192974e7b0f953e23d5c262945538f73e413ae856c661cb00ca5ea791a430a75c
SSDEEP

98304:NXv9Q2/1jxJ4xlxSaHL8SLs50SJYCEKWGgbZmYezK:NX79jxJml57Ls50UYP18z

Score

10^/10

skuld persistence

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1316902463500058664/DQEAOl8bQczxScC5ZtmHMPFKd4UrjLNRIREge05kIIyXfwvs2_5bJNhIH0sVq2ePIRzC

Targets

- Target
  
  setup_gens_localserver.exe
- Size
  
  9.9MB
- MD5
  
  7eb390f4439aaaf6424cf578d1d52ebf
- SHA1
  
  4c0545c16801e994fa4aee68e83dea19db06de9c
- SHA256
  
  74da122cf8e7a07e4aa0274b98ccfe093dca58a69cbde44c118915f07d3ec8f6
- SHA512
  
  a0c2127e8cd7f2616fa5496dd1e579f324eecd8978eae41aeaaae25453235de192974e7b0f953e23d5c262945538f73e413ae856c661cb00ca5ea791a430a75c
- SSDEEP
  
  98304:NXv9Q2/1jxJ4xlxSaHL8SLs50SJYCEKWGgbZmYezK:NX79jxJml57Ls50UYP18z
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2