Overview

overview

10

Static

static

10

6bf7006b8c...3N.exe

windows7-x64

10

6bf7006b8c...3N.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    18s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    25-12-2024 21:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6bf7006b8c6e12b329c5036cb30e148531ebf795205a2e1fdd10e19091e7b813N.exe

  • Size

    3.8MB

  • MD5

    c9bccf935950c17674de5ad941aa37f0

  • SHA1

    9b4e6736a4ce6ada4d25e1625b882051693b4aaf

  • SHA256

    6bf7006b8c6e12b329c5036cb30e148531ebf795205a2e1fdd10e19091e7b813

  • SHA512

    ddd5048cd98868ffb8d8dd5610a5e8841248ab8a225780c1b64a55ce007807d4f9c446d5178db558e18aba1b5807f7e325b82d67acb10fe48dedbc0bd503166c

  • SSDEEP

    98304:wBY5QBeOT3uY2f2HsjkmNF4s0+wzo22A66bpb0C8mvYvGBkb:wm5MXPmN17WYKpVhQ/

Score
10/10
skuldstealerupx

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1319769084723724329/0MTnaymIeCHurp0VMDTAOx0iXguX5iiX0hLraxSpl4htUXblPfXoUXl-qUK5q0g8EZ4w

Signatures

  • Skuld family
    skuld
  • Skuld stealer

    An info stealer written in Go lang.

    stealerskuld
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx

Processes

  • C:\Users\Admin\AppData\Local\Temp\6bf7006b8c6e12b329c5036cb30e148531ebf795205a2e1fdd10e19091e7b813N.exe
    "C:\Users\Admin\AppData\Local\Temp\6bf7006b8c6e12b329c5036cb30e148531ebf795205a2e1fdd10e19091e7b813N.exe"
    1⤵
      PID:2120

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2120-0-0x0000000000280000-0x0000000000CC8000-memory.dmp

      Filesize

      10.3MB

      Download

    • memory/2120-2-0x0000000000280000-0x0000000000CC8000-memory.dmp

      Filesize

      10.3MB

      Download