skuld | 95b1a6969c6daa323432e99d25bf3b0c33a21efec679871badc3b2a34410149f | Triage

Sharing

General

Target

2025-03-26_43ce92b13e04631f69e15b76db98f51e_frostygoop_ghostlocker_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
Size

15.4MB
Sample

250326-wx8l9azydv
MD5

43ce92b13e04631f69e15b76db98f51e
SHA1

e20b2c6ed2d3e17b2f1a764b0ab1036158154b06
SHA256

95b1a6969c6daa323432e99d25bf3b0c33a21efec679871badc3b2a34410149f
SHA512

23f9187621b7d006f154b0fec253d70abb674318b7b03b9cadd8087ee7669701a5361e6c12beef17d10e26e2b40ff41596e8abcc44a8fabe1fad1e25b4151c8c
SSDEEP

196608:jAKz060voeVsJEsQ7R/wTymlb8F+Bvp+wsvwRR3Jk04:j/0DviAR/wum+F+BDjHqR

Score

10^/10

skuld persistence

Malware Config

Targets

- Target
  
  2025-03-26_43ce92b13e04631f69e15b76db98f51e_frostygoop_ghostlocker_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
- Size
  
  15.4MB
- MD5
  
  43ce92b13e04631f69e15b76db98f51e
- SHA1
  
  e20b2c6ed2d3e17b2f1a764b0ab1036158154b06
- SHA256
  
  95b1a6969c6daa323432e99d25bf3b0c33a21efec679871badc3b2a34410149f
- SHA512
  
  23f9187621b7d006f154b0fec253d70abb674318b7b03b9cadd8087ee7669701a5361e6c12beef17d10e26e2b40ff41596e8abcc44a8fabe1fad1e25b4151c8c
- SSDEEP
  
  196608:jAKz060voeVsJEsQ7R/wTymlb8F+Bvp+wsvwRR3Jk04:j/0DviAR/wum+F+BDjHqR
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2