skuld | 95b1a6969c6daa323432e99d25bf3b0c33a21efec679871badc3b2a34410149f | Triage

Sharing

General

Target

skuld.exe
Size

15.4MB
Sample

250326-lh7raswnt2
MD5

43ce92b13e04631f69e15b76db98f51e
SHA1

e20b2c6ed2d3e17b2f1a764b0ab1036158154b06
SHA256

95b1a6969c6daa323432e99d25bf3b0c33a21efec679871badc3b2a34410149f
SHA512

23f9187621b7d006f154b0fec253d70abb674318b7b03b9cadd8087ee7669701a5361e6c12beef17d10e26e2b40ff41596e8abcc44a8fabe1fad1e25b4151c8c
SSDEEP

196608:jAKz060voeVsJEsQ7R/wTymlb8F+Bvp+wsvwRR3Jk04:j/0DviAR/wum+F+BDjHqR

Score

10^/10

skuld persistence stealer

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1353661726381572147/DvQndSN-KFEIW6Dut8-fuk824N_vcYG_9jzKvSM2RDLP9kwb4j3E7svLXZPoggpJeUi6

Targets

- Target
  
  skuld.exe
- Size
  
  15.4MB
- MD5
  
  43ce92b13e04631f69e15b76db98f51e
- SHA1
  
  e20b2c6ed2d3e17b2f1a764b0ab1036158154b06
- SHA256
  
  95b1a6969c6daa323432e99d25bf3b0c33a21efec679871badc3b2a34410149f
- SHA512
  
  23f9187621b7d006f154b0fec253d70abb674318b7b03b9cadd8087ee7669701a5361e6c12beef17d10e26e2b40ff41596e8abcc44a8fabe1fad1e25b4151c8c
- SSDEEP
  
  196608:jAKz060voeVsJEsQ7R/wTymlb8F+Bvp+wsvwRR3Jk04:j/0DviAR/wum+F+BDjHqR
Score

10^/10

skuld persistence stealer
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

skuldpersistencestealer