Overview

overview

10

Static

static

10

2964-51-0x...ry.exe

windows7-x64

1

2964-51-0x...ry.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2964-51-0x0000000000C50000-0x00000000016DE000-memory.dmp

  • Size

    10.6MB

  • MD5

    f36c25c2fc13352c6daadede33f04fd5

  • SHA1

    0a52b7b2c47cb48f2d7c267942ccb6c630053f23

  • SHA256

    60db21eb5a116a3eed7fc5b358f466151cd189e220b4b7472f27de91e96caf62

  • SHA512

    eb798faa52947d1b8f4c8d6685b096885294c35fef2649d0529305b0fce112c90dbd6cd38b4e3c5437ee912aee533b3d4e6a5ab4d1987665dd9080283691c1a0

  • SSDEEP

    98304:uiO2aMxMCjYZRxIz5fEutEseU39AIrslEd:uLszjcRxhutEseoGM

Score
10/10
upxskuld

Malware Config

Extracted

Family

skuld

C2

https://discordapp.com/api/webhooks/1349647136895012916/qSys_fpsL_y7usKH_AyrFupSjzSsVfg2t895g2HV8Yz72asrwCIsHaqqhPtDFjz8g8_E

Signatures

  • Skuld family
    skuld
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2964-51-0x0000000000C50000-0x00000000016DE000-memory.dmp
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections