skuld | 19f8494e8a249b068686c81aad1fbd6637dfb5d1a84408b30dbe980484f41696 | Triage

Sharing

General

Target

2025-02-13_72f519f4c13e07ae3b11c2d0774373b5_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
Size

9.9MB
Sample

250213-lsmh4swmfr
MD5

72f519f4c13e07ae3b11c2d0774373b5
SHA1

2f6c5ac6716c013635392cda6dcdc90876844096
SHA256

19f8494e8a249b068686c81aad1fbd6637dfb5d1a84408b30dbe980484f41696
SHA512

f81ecca3060e4b0f5169c48e259d9a7318363d7972d4f16413fbda561f0c350ea699b00bd283e8f767b1734ee4e4ca1800f7df09e71450e67256e4e48ebee697
SSDEEP

98304:+MoBbnizGExSrU31GIVpDrPeUgErEWLlg7BDuutWn:+MUiSExZnpDrP5gE4j0uW

Score

10^/10

skuld discovery persistence

Malware Config

Targets

- Target
  
  2025-02-13_72f519f4c13e07ae3b11c2d0774373b5_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
- Size
  
  9.9MB
- MD5
  
  72f519f4c13e07ae3b11c2d0774373b5
- SHA1
  
  2f6c5ac6716c013635392cda6dcdc90876844096
- SHA256
  
  19f8494e8a249b068686c81aad1fbd6637dfb5d1a84408b30dbe980484f41696
- SHA512
  
  f81ecca3060e4b0f5169c48e259d9a7318363d7972d4f16413fbda561f0c350ea699b00bd283e8f767b1734ee4e4ca1800f7df09e71450e67256e4e48ebee697
- SSDEEP
  
  98304:+MoBbnizGExSrU31GIVpDrPeUgErEWLlg7BDuutWn:+MUiSExZnpDrP5gE4j0uW
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence