skuld | 4d37269d55928ea2bb9f3cf1418ce83dd7a503ae727fa7d8ce6b2cbfb838d674 | Triage

Sharing

General

Target

anydesk.exe
Size

9.5MB
Sample

241226-j4ld3s1lak
MD5

4943aa37911a76d77390059b6b2f8704
SHA1

12070bf6a7785bd393e679b31e32063329c0f939
SHA256

4d37269d55928ea2bb9f3cf1418ce83dd7a503ae727fa7d8ce6b2cbfb838d674
SHA512

4065969cbf0c2156b91dc03f24442200ef514219957504a02d7a94644c9f32690f23404ce485b682dda67a7417ccb459b0bee36c5843751387437ec09bd6fda1
SSDEEP

98304:tOztpWZf9b7yyJ+e/RsgqAN9wTkOEgV7FB21Qui5ja:ADuf99D+gqANqTkrgQXi5ja

Score

10^/10

skuld discovery persistence

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1321751397909266482/g6p2gp5GLsLQd3TtRPN7ZZFnwJd1ar-ylig_2KHoaztyjQEDx4U65lwKPQRwKMm4-9CS

Targets

- Target
  
  anydesk.exe
- Size
  
  9.5MB
- MD5
  
  4943aa37911a76d77390059b6b2f8704
- SHA1
  
  12070bf6a7785bd393e679b31e32063329c0f939
- SHA256
  
  4d37269d55928ea2bb9f3cf1418ce83dd7a503ae727fa7d8ce6b2cbfb838d674
- SHA512
  
  4065969cbf0c2156b91dc03f24442200ef514219957504a02d7a94644c9f32690f23404ce485b682dda67a7417ccb459b0bee36c5843751387437ec09bd6fda1
- SSDEEP
  
  98304:tOztpWZf9b7yyJ+e/RsgqAN9wTkOEgV7FB21Qui5ja:ADuf99D+gqANqTkrgQXi5ja
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2