skuld | 463cb472f0e30aed089952434dc376bce1f01983559765022be8778e7be7e8cf | Triage

Sharing

General

Target

2025-02-13_006d805d0dcd9c8d4657cc1671015a6b_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
Size

9.9MB
Sample

250213-lqgj3swmdk
MD5

006d805d0dcd9c8d4657cc1671015a6b
SHA1

e1388f230bd277c15f8170da5ef33195ff8040a0
SHA256

463cb472f0e30aed089952434dc376bce1f01983559765022be8778e7be7e8cf
SHA512

0cf69f9af7a48eeb7d3a188721fe60f49d2adfb04e5f64356653678c30b1d44576f39dfa26639ceed649bbfcceb8e32f6951db71551a1589b64947cff906db5e
SSDEEP

98304:Pfie4tzEgpidGr4roZcRm0p79OVENLGg7BDYl+dNq:PfOzEgZEgcRm0JUmZu+nq

Score

10^/10

skuld discovery persistence

Malware Config

Targets

- Target
  
  2025-02-13_006d805d0dcd9c8d4657cc1671015a6b_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
- Size
  
  9.9MB
- MD5
  
  006d805d0dcd9c8d4657cc1671015a6b
- SHA1
  
  e1388f230bd277c15f8170da5ef33195ff8040a0
- SHA256
  
  463cb472f0e30aed089952434dc376bce1f01983559765022be8778e7be7e8cf
- SHA512
  
  0cf69f9af7a48eeb7d3a188721fe60f49d2adfb04e5f64356653678c30b1d44576f39dfa26639ceed649bbfcceb8e32f6951db71551a1589b64947cff906db5e
- SSDEEP
  
  98304:Pfie4tzEgpidGr4roZcRm0p79OVENLGg7BDYl+dNq:PfOzEgZEgcRm0JUmZu+nq
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence