skuld | e64a30897bb90af9fc7ee9299602ccacf3d5dba1f7351449df4ed4613a6d76f7 | Triage

Sharing

General

Target

skuld.zip
Size

5.4MB
Sample

250116-ejezca1jcx
MD5

fff6c5ece2890b0f594d5899b9f4f471
SHA1

a5210063b9e25bd2dbcdfa22c136e70602a6870c
SHA256

e64a30897bb90af9fc7ee9299602ccacf3d5dba1f7351449df4ed4613a6d76f7
SHA512

9af5255ae9097d8b8e31a3567502c167182dd1a2eab9f3ab3e02064a86a7efdd9928b17e895b3200330ca00fbd921656a990b5ba922c22b6ac55858bd6884608
SSDEEP

98304:zeEoI3Hv+sNewuoRj5l5erorcM7/tlFxFLvC1jPQHUNV44+Hvf5Vgn3bdHG2iDau:iEv3HmsNewuoRllUUcCj7FzObwJgLdHq

Score

10^/10

skuld persistence

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1329283868187955230/LgZapkixJUPQm97M9Zx6i7MBYSFFkAdzQLUfL6pGmsN5hc1f7Hlnnd9d4niixsRmbB1y

Targets

- Target
  
  skuld.zip
- Size
  
  5.4MB
- MD5
  
  fff6c5ece2890b0f594d5899b9f4f471
- SHA1
  
  a5210063b9e25bd2dbcdfa22c136e70602a6870c
- SHA256
  
  e64a30897bb90af9fc7ee9299602ccacf3d5dba1f7351449df4ed4613a6d76f7
- SHA512
  
  9af5255ae9097d8b8e31a3567502c167182dd1a2eab9f3ab3e02064a86a7efdd9928b17e895b3200330ca00fbd921656a990b5ba922c22b6ac55858bd6884608
- SSDEEP
  
  98304:zeEoI3Hv+sNewuoRj5l5erorcM7/tlFxFLvC1jPQHUNV44+Hvf5Vgn3bdHG2iDau:iEv3HmsNewuoRllUUcCj7FzObwJgLdHq
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1