skuld | 5e95dcda7b3de97553fb0f35a0e11eeed9d0d0d21a73c2765010ca3a0f5925c0 | Triage

Sharing

General

Target

2025-02-16_eb6df570be03c1c1b1b0d74ba4e96ca3_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
Size

9.9MB
Sample

250216-3n584asrbx
MD5

eb6df570be03c1c1b1b0d74ba4e96ca3
SHA1

e08340cdfb70983da489244ace854982a0a4f7fc
SHA256

5e95dcda7b3de97553fb0f35a0e11eeed9d0d0d21a73c2765010ca3a0f5925c0
SHA512

0bfea8177fd92eb6fb78bd2ddd2785189a2cc79f2b8f535e033991ff9bdb202b829851ddc6e5cac60a83f6053bc3097eeb3e66a3c9c6f71337114e3ab3330710
SSDEEP

98304:Pfie4tzEgpidGr4roZcRm0p79OVENLGg7BDYl+dNqd:PfOzEgZEgcRm0JUmZu+nqd

Score

10^/10

skuld discovery persistence

Malware Config

Targets

- Target
  
  2025-02-16_eb6df570be03c1c1b1b0d74ba4e96ca3_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
- Size
  
  9.9MB
- MD5
  
  eb6df570be03c1c1b1b0d74ba4e96ca3
- SHA1
  
  e08340cdfb70983da489244ace854982a0a4f7fc
- SHA256
  
  5e95dcda7b3de97553fb0f35a0e11eeed9d0d0d21a73c2765010ca3a0f5925c0
- SHA512
  
  0bfea8177fd92eb6fb78bd2ddd2785189a2cc79f2b8f535e033991ff9bdb202b829851ddc6e5cac60a83f6053bc3097eeb3e66a3c9c6f71337114e3ab3330710
- SSDEEP
  
  98304:Pfie4tzEgpidGr4roZcRm0p79OVENLGg7BDYl+dNqd:PfOzEgZEgcRm0JUmZu+nqd
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence