skuld | b4a941d057f1368a7314e07279a3c08691d93a2b0cf9310eb1edff63e9ddf4b8

Sharing

Copy URL

Twitter E-mail

General

Target

Xeno-v1.1.4-x64 (1).zip
Size

4.9MB
Sample

250225-v2957syrs8
MD5

10d6a09d9e0031ce8446257c6cbe2776
SHA1

b35d206a3ee429647817f2640577058cd5324a40
SHA256

b4a941d057f1368a7314e07279a3c08691d93a2b0cf9310eb1edff63e9ddf4b8
SHA512

c669324d1577da7d0980953dabd69eb1cbaa68c91f5d19fb903faeb7e8baaf2794d85c2cd9b28b7f09e821efd6292f42434523b28bd26730a870bc747557f53f
SSDEEP

98304:MJ9cxX7dTh6upOa/855+s0HqGR58qsHQOa+Em1RPwlhuzqDeE2Q9wsWl:MXcxRQSNqZijR583M+57PwlIqCkfWl

Score

10^/10

skuld persistence

Malware Config

Extracted

Family

skuld

https://discord.com/api/webhooks/1343723753242103868/09fTd57-J6ekLWzm8Uc27OAXCUKtS7zCT95Y4jS6IqKufxX_46yVhlzvdh3or-nI8svk

Targets

- Target
  
  Xeno-v1.1.4-x64 (1).zip
- Size
  
  4.9MB
- MD5
  
  10d6a09d9e0031ce8446257c6cbe2776
- SHA1
  
  b35d206a3ee429647817f2640577058cd5324a40
- SHA256
  
  b4a941d057f1368a7314e07279a3c08691d93a2b0cf9310eb1edff63e9ddf4b8
- SHA512
  
  c669324d1577da7d0980953dabd69eb1cbaa68c91f5d19fb903faeb7e8baaf2794d85c2cd9b28b7f09e821efd6292f42434523b28bd26730a870bc747557f53f
- SSDEEP
  
  98304:MJ9cxX7dTh6upOa/855+s0HqGR58qsHQOa+Em1RPwlhuzqDeE2Q9wsWl:MXcxRQSNqZijR583M+57PwlIqCkfWl
Score

1^/10
behavioral1 behavioral2
- Target
  
  Xeno-v1.1.4-x64/Xeno.dll
- Size
  
  1.3MB
- MD5
  
  6a635fa58e5455397180eda307fb64ba
- SHA1
  
  0e83defcbafec8c15707e2e71947e77d960a3648
- SHA256
  
  bd6843726688bd7253a42180bf95671ad5b0f9e787adb4f13250f484abd9eae4
- SHA512
  
  00a318b1fdb38efef39351e291fd8db9bd096307a1b6319191cfcbef6d5b7e0486cb19968291f64d3d2fe48e062bbfdec9c2e185010848b7df87bead4eac2fbb
- SSDEEP
  
  24576:8HVrqyQ8I2dBY8rekRCw7qb+sOZaDKSiEEemqzipKB:8HVrqbuYw75ZOVviE
Score

1^/10
behavioral3 behavioral4
- Target
  
  Xeno-v1.1.4-x64/Xeno.exe
- Size
  
  10.3MB
- MD5
  
  f63c3cdcbe82cce9b8d7186673c1e87e
- SHA1
  
  a9de2bcb698b61c7bf993d132cbd31f6c2a35ab8
- SHA256
  
  7a300de607241ce6751f54354e9892ec4219a2ac9edb932e639bd996e8a96068
- SHA512
  
  4a41af0d913f30e20808e058e58278bb1c9bc0e94fd385fb2afc32e1d31cafe79fd4bc7e7c3e318f82d2f12c940bbd96d1ba0ce9eec978ed838fe2a825aa93b0
- SSDEEP
  
  98304:tFxUxA4NWYYgeATvzgpuDy5g9OFA0rNl6Eb7:tsN8ge/uDy5g9junb7
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral5 behavioral6
- Target
  
  Xeno-v1.1.4-x64/XenoUI.dll
- Size
  
  95KB
- MD5
  
  a820e5f0298f087a8f7f1aced8b953d6
- SHA1
  
  d9e25cdb909b663305fad31d5bb5d8e6ee2e4d1b
- SHA256
  
  91a7ad538e10ff9131424a8b44292315d21dc42b0179ac29c550d61f81a6ff3d
- SHA512
  
  81e8ebb90dfcd3f8046a68a1fc2bfb21c31ac306a5bb1be2f84e735260f7a07b4fe1e453a3a512c4f0d99b10cb2c508895fc1e43463e38f3a0974b4548514c74
- SSDEEP
  
  1536:SSRxCnk7JSfUuafNmWR42zxMVY6dTPr1Wa5iiZhZuM/APHV5y6SlSW8/XR:1REWytdTPr1WAb87Pby6S+/XR
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8