skuld | 38801a781a4946d7f2e202f899f74c0ea9ccd9e273666896420e042c818f3e72 | Triage

Sharing

General

Target

2025-02-13_2caec7aac1db8274160f6dc96f574bef_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
Size

9.9MB
Sample

250213-lq8cssxjez
MD5

2caec7aac1db8274160f6dc96f574bef
SHA1

7ed59f69655c0bbb555c6aee97fc75b0e3c18176
SHA256

38801a781a4946d7f2e202f899f74c0ea9ccd9e273666896420e042c818f3e72
SHA512

b22f8bb0e31132a1c75a66a61351f8fb6dcad0b4ae6998ae43884bce90edb6e9304a3006fdf983fcc5363efe5a3cafe8e4d03f6c16d752327b21f19f5506d8d1
SSDEEP

98304:TE/XRBCfMiUi8i76nmhg0HkyYmEELGg7BDYl+d8q:TEnCfMGQmhg0E/Dgu+6q

Score

10^/10

skuld discovery persistence

Malware Config

Targets

- Target
  
  2025-02-13_2caec7aac1db8274160f6dc96f574bef_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
- Size
  
  9.9MB
- MD5
  
  2caec7aac1db8274160f6dc96f574bef
- SHA1
  
  7ed59f69655c0bbb555c6aee97fc75b0e3c18176
- SHA256
  
  38801a781a4946d7f2e202f899f74c0ea9ccd9e273666896420e042c818f3e72
- SHA512
  
  b22f8bb0e31132a1c75a66a61351f8fb6dcad0b4ae6998ae43884bce90edb6e9304a3006fdf983fcc5363efe5a3cafe8e4d03f6c16d752327b21f19f5506d8d1
- SSDEEP
  
  98304:TE/XRBCfMiUi8i76nmhg0HkyYmEELGg7BDYl+d8q:TEnCfMGQmhg0E/Dgu+6q
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence