skuld | ca048c463dcdf91e84ddc260bc0cadb6b0d8a68f92dc527c4038f7a6ab7c32b4 | Triage

Sharing

General

Target

2024-12-24_f455be9af5edfdb2a3ea974d743f91b6_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
Size

14.8MB
Sample

241224-p7c5rsyjdn
MD5

f455be9af5edfdb2a3ea974d743f91b6
SHA1

8a4bab4f65c3b1c54f58786c67d94f900e5cd0b0
SHA256

ca048c463dcdf91e84ddc260bc0cadb6b0d8a68f92dc527c4038f7a6ab7c32b4
SHA512

98248a6e03084b7df36bbdca5cc0d0d01ad5f4d83a86fb9d6235d8b692bafeaee0c361b905a05289e91457b829d2cc9a3afe28516c7b84387e3710891ea1db1c
SSDEEP

196608:+itOI01DSfgMh0DVL6MzfCmMIEtVzxHejiO9rMyORk:+iUI4DYoLjCVtthxHdyOi

Score

10^/10

skuld persistence

Malware Config

Targets

- Target
  
  2024-12-24_f455be9af5edfdb2a3ea974d743f91b6_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
- Size
  
  14.8MB
- MD5
  
  f455be9af5edfdb2a3ea974d743f91b6
- SHA1
  
  8a4bab4f65c3b1c54f58786c67d94f900e5cd0b0
- SHA256
  
  ca048c463dcdf91e84ddc260bc0cadb6b0d8a68f92dc527c4038f7a6ab7c32b4
- SHA512
  
  98248a6e03084b7df36bbdca5cc0d0d01ad5f4d83a86fb9d6235d8b692bafeaee0c361b905a05289e91457b829d2cc9a3afe28516c7b84387e3710891ea1db1c
- SSDEEP
  
  196608:+itOI01DSfgMh0DVL6MzfCmMIEtVzxHejiO9rMyORk:+iUI4DYoLjCVtthxHdyOi
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2