General

  • Target

    DDoS_Tool.exe

  • Size

    9.2MB

  • Sample

    250219-k42azaxrhl

  • MD5

    a2fd1b985d1ea815a1bca2e6c08716a4

  • SHA1

    efcbfa06957563a7727e6e6bbc9a3d4ef636b34d

  • SHA256

    1946fd33fc9664f05baad48af6ab73e82d85ec06ebd1ee799d20068f26af40f5

  • SHA512

    b733113d6172b33564838d7b5df29a3e1ed50fc4d9c612046ebcfd38eb74ca95f88456bcdcd09bac6e1c57b9ce6b828cf1f00997f93b24427b073e6071968c2f

  • SSDEEP

    196608:TszddA9gnARebIApkNDjI0TU1mrcKsxHvVPSh+VKLqdmXOsD3k:T2AvebI3DjtUorKvJSh+8LqUP3

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1287553571474116618/XvnvekS_ifULDKsOQ36vxllmB38P-oDt7x3skQQXYTv7E3UcVlfK3CegQd2kN7hHgTmh

Targets

    • Target

      DDoS_Tool.exe

    • Skuld family

    • Skuld stealer

      An information stealer written in Go.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15