skuld | c8c36f079915be17e2c725b4247ceca4269e42fa6712f59d90147b103d60251e | Triage

Sharing

General

Target

2025-04-12_a8133dab079ce24c46a35749109d8f34_frostygoop_luca-stealer_ngrbot_poet-rat_sliver_snatch
Size

9.3MB
Sample

250412-b9xqast1h1
MD5

a8133dab079ce24c46a35749109d8f34
SHA1

455ac75b069b855bd3785a0f56d69276b8e83b01
SHA256

c8c36f079915be17e2c725b4247ceca4269e42fa6712f59d90147b103d60251e
SHA512

a57ecbda300a2a92c034177bf70cf441606ae9a68e1d0ec1be032921cea44d5fdfde23c5dfcf10dcc9b97a518b0a31d752fb24b344a5f80c30aa3e20e429ec06
SSDEEP

98304:xn9IO5k+ijWcfaPsLKiyYH+LW0mEfhcEEkzbQT:RBk+ijWVmyYH+i0D52T

Score

10^/10

skuld persistence

Malware Config

Targets

- Target
  
  2025-04-12_a8133dab079ce24c46a35749109d8f34_frostygoop_luca-stealer_ngrbot_poet-rat_sliver_snatch
- Size
  
  9.3MB
- MD5
  
  a8133dab079ce24c46a35749109d8f34
- SHA1
  
  455ac75b069b855bd3785a0f56d69276b8e83b01
- SHA256
  
  c8c36f079915be17e2c725b4247ceca4269e42fa6712f59d90147b103d60251e
- SHA512
  
  a57ecbda300a2a92c034177bf70cf441606ae9a68e1d0ec1be032921cea44d5fdfde23c5dfcf10dcc9b97a518b0a31d752fb24b344a5f80c30aa3e20e429ec06
- SSDEEP
  
  98304:xn9IO5k+ijWcfaPsLKiyYH+LW0mEfhcEEkzbQT:RBk+ijWVmyYH+i0D52T
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1