Overview

overview

10

Static

static

10

disctool2.exe

windows7-x64

1

disctool2.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    disctool2.exe

  • Size

    9.9MB

  • Sample

    250111-y261bszqfp

  • MD5

    4c720c9d26ecb6ddce4b20734cac613a

  • SHA1

    7ae408f38028f6da9c9e8e50745a48ccde43703b

  • SHA256

    2210eb2ca2679415d925b51077f0dacd41d315cb5026dffb82436d0a7de5ad5e

  • SHA512

    0ee111eb054e6a8a6019a1579c140f55e1a0ea97ac8c162b8a0c13c8c5b6fae166007bb34adb0921fdeb60555ccfdec0e065cc8e920308342e90d569627857a2

  • SSDEEP

    98304:F1WlZn4ppvE5GuV+9Ux6lct0znJkEWWIglZmHz:F1LppvQihlct0DJdZgz

Score
10/10
skulddiscoverypersistence

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1327724786805112892/s2XypNsFCL8hyIIL_X38703UYXl8BfD0weZ-NwcGfI2jq8YtBWBnMaOWiX1SPNAaqslR

Targets

    • Target

      disctool2.exe

    • Size

      9.9MB

    • MD5

      4c720c9d26ecb6ddce4b20734cac613a

    • SHA1

      7ae408f38028f6da9c9e8e50745a48ccde43703b

    • SHA256

      2210eb2ca2679415d925b51077f0dacd41d315cb5026dffb82436d0a7de5ad5e

    • SHA512

      0ee111eb054e6a8a6019a1579c140f55e1a0ea97ac8c162b8a0c13c8c5b6fae166007bb34adb0921fdeb60555ccfdec0e065cc8e920308342e90d569627857a2

    • SSDEEP

      98304:F1WlZn4ppvE5GuV+9Ux6lct0znJkEWWIglZmHz:F1LppvQihlct0DJdZgz

    Score
    8/10
    discoverypersistence

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks