skuld | 8432cf8fc3189ecef5925f2b4f9294b4b58811a23929e3733486c510d262f56f | Triage

Sharing

General

Target

skuld.rar
Size

3.6MB
Sample

250223-qhpmyayqgr
MD5

ef0bcceda79befa7842359da1edd2170
SHA1

607368e895419fcfe3ed57958c9e0026217d448b
SHA256

8432cf8fc3189ecef5925f2b4f9294b4b58811a23929e3733486c510d262f56f
SHA512

760b7153450c106e64f01dbf2878d0924bc4b327623af22f13d4c509051c810ea06dab842dcd8a996c04962a180f673fd885152e6e3b4fd300b3255d122afbc1
SSDEEP

49152:vd81dNtjhkCAWM3q71ibKR5K5/b1I5pixTZ4sl4oK0az5U7dvhHkd/bJI9T6sNUt:vC7jm9XUl6lb1FjlBK0y5ImlI9/kmyRT

Score

10^/10

skuld persistence stealer

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1343209123356999732/LP142VV-ML9jKwDDmI34_RZyez4zp6Ksa4deBV_Iz3mxgdXjnr9AtgGxx00eV9yW2tj7

Targets

- Target
  
  skuld.rar
- Size
  
  3.6MB
- MD5
  
  ef0bcceda79befa7842359da1edd2170
- SHA1
  
  607368e895419fcfe3ed57958c9e0026217d448b
- SHA256
  
  8432cf8fc3189ecef5925f2b4f9294b4b58811a23929e3733486c510d262f56f
- SHA512
  
  760b7153450c106e64f01dbf2878d0924bc4b327623af22f13d4c509051c810ea06dab842dcd8a996c04962a180f673fd885152e6e3b4fd300b3255d122afbc1
- SSDEEP
  
  49152:vd81dNtjhkCAWM3q71ibKR5K5/b1I5pixTZ4sl4oK0az5U7dvhHkd/bJI9T6sNUt:vC7jm9XUl6lb1FjlBK0y5ImlI9/kmyRT
Score

10^/10

skuld persistence stealer
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

skuldpersistencestealer

behavioral2

skuldpersistencestealer