Overview

overview

10

Static

static

10

2025-04-14...ch.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-04-14_79eec308b05540e1525c0ec760566bb8_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch

  • Size

    10.3MB

  • Sample

    250414-gcbz8a1xgz

  • MD5

    79eec308b05540e1525c0ec760566bb8

  • SHA1

    3669651c41161d98fa352f0c7ecb3da6ba90b6ea

  • SHA256

    425b2febecab60a8b54a7296e304b5499c2afcccf6090cce3bb12396c35581d1

  • SHA512

    6eb7f2968e56306a19f569d3f827851e19d0504dd83cf66629c2cf252e056251d40d97fdededc12ad81c651925a0bbb52b0a4e8571b7c15d0dadc810ef67b16c

  • SSDEEP

    98304:HkbS4GeZk9WMOfpgu+NsFUqNEX0R/wYA0rn7jEMb:Hd4dZkFu+NsyCEX0R/w7ywMb

Score
10/10
skuldpersistencestealer

Malware Config

Extracted

Family

skuld

C2

https://discord.com/api/webhooks/1361117110004089064/zJZlwoLRcTIsF_8RLFAkpDdHVckL4ra8dG_U3_8Pu9uIZKUmKOuUmB6htNx9kBKxWDGL

Targets

    • Target

      2025-04-14_79eec308b05540e1525c0ec760566bb8_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch

    • Size

      10.3MB

    • MD5

      79eec308b05540e1525c0ec760566bb8

    • SHA1

      3669651c41161d98fa352f0c7ecb3da6ba90b6ea

    • SHA256

      425b2febecab60a8b54a7296e304b5499c2afcccf6090cce3bb12396c35581d1

    • SHA512

      6eb7f2968e56306a19f569d3f827851e19d0504dd83cf66629c2cf252e056251d40d97fdededc12ad81c651925a0bbb52b0a4e8571b7c15d0dadc810ef67b16c

    • SSDEEP

      98304:HkbS4GeZk9WMOfpgu+NsFUqNEX0R/wYA0rn7jEMb:Hd4dZkFu+NsyCEX0R/w7ywMb

    Score
    10/10
    skuldpersistencestealer

    • Skuld family

      skuld

    • Skuld stealer

      An info stealer written in Go lang.

      stealerskuld

    • Executes dropped EXE

    • Adds Run key to start application

      persistence
    behavioral1

MITRE ATT&CK Enterprise v16

Tasks