skuld | 0caa2754c52580bb8efaa1d798f87389982902f71c7b36549759ff9e33e0036f | Triage

Sharing

General

Target

skuld.exe
Size

10.3MB
Sample

250414-3xxy3stqt3
MD5

d80dc6ed2832129a02a1916ae22be26a
SHA1

06f44d821ad943766b05ade8fa56e8e8f7b7f7eb
SHA256

0caa2754c52580bb8efaa1d798f87389982902f71c7b36549759ff9e33e0036f
SHA512

b251f80b16329109f8e8d1c03e7dd6c68245163858539bf22480485f0708e6dee3fedbbf95649b1ce0f2c5a3ed19bc8ead3b3f4c73b081119f14ad425e267f4c
SSDEEP

98304:aZ/a5vGoCinKm2N2VS+Cs8aaItAOrFqaxFgEpgT5:aw5vGOnK6S+CsdaI2YlpgT

Score

10^/10

skuld persistence stealer

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1361486763046207628/P7oM_MuJjYmAA5l0jD5BmbQ25jlSYijtIXyk_kmz1kbI2lvdPbYuZuUgwUeWg-P7VWSY

Targets

- Target
  
  skuld.exe
- Size
  
  10.3MB
- MD5
  
  d80dc6ed2832129a02a1916ae22be26a
- SHA1
  
  06f44d821ad943766b05ade8fa56e8e8f7b7f7eb
- SHA256
  
  0caa2754c52580bb8efaa1d798f87389982902f71c7b36549759ff9e33e0036f
- SHA512
  
  b251f80b16329109f8e8d1c03e7dd6c68245163858539bf22480485f0708e6dee3fedbbf95649b1ce0f2c5a3ed19bc8ead3b3f4c73b081119f14ad425e267f4c
- SSDEEP
  
  98304:aZ/a5vGoCinKm2N2VS+Cs8aaItAOrFqaxFgEpgT5:aw5vGOnK6S+CsdaI2YlpgT
Score

10^/10

skuld persistence stealer
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

skuldpersistencestealer