skuld | f9d4f95b443f95f249c069fd6b97a922dd1c3f8053a3d0a3ea0e0a062eabbb0a | Triage

Sharing

General

Target

2025-02-16_01147b2a3db0e3b3477837d85f77970d_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
Size

9.9MB
Sample

250216-lcf2ds1mgk
MD5

01147b2a3db0e3b3477837d85f77970d
SHA1

2824da32c7bf6439103f46fc5005529a7a669ae1
SHA256

f9d4f95b443f95f249c069fd6b97a922dd1c3f8053a3d0a3ea0e0a062eabbb0a
SHA512

f38ae877c94d43dd2ab9305866453fac2d4e6ed6eed09b23a60f230c68d8e67c74c8eb0829a4dc42e1e1a8d8916476523a780a60cdf449942b23c0a8aa3d7075
SSDEEP

98304:HI8UBCbv0eMEZfA+7HZqhH090i1oEBLGg7BDNF+dYq:HIAv0epVqhH0iuBlR+mq

Score

10^/10

skuld discovery persistence

Malware Config

Targets

- Target
  
  2025-02-16_01147b2a3db0e3b3477837d85f77970d_frostygoop_luca-stealer_ngrbot_poet-rat_snatch
- Size
  
  9.9MB
- MD5
  
  01147b2a3db0e3b3477837d85f77970d
- SHA1
  
  2824da32c7bf6439103f46fc5005529a7a669ae1
- SHA256
  
  f9d4f95b443f95f249c069fd6b97a922dd1c3f8053a3d0a3ea0e0a062eabbb0a
- SHA512
  
  f38ae877c94d43dd2ab9305866453fac2d4e6ed6eed09b23a60f230c68d8e67c74c8eb0829a4dc42e1e1a8d8916476523a780a60cdf449942b23c0a8aa3d7075
- SSDEEP
  
  98304:HI8UBCbv0eMEZfA+7HZqhH090i1oEBLGg7BDNF+dYq:HIAv0epVqhH0iuBlR+mq
Score

8^/10

discovery persistence
- Downloads MZ/PE file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence