skuld | 425b2febecab60a8b54a7296e304b5499c2afcccf6090cce3bb12396c35581d1 | Triage

Sharing

General

Target

2025-04-14_79eec308b05540e1525c0ec760566bb8_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
Size

10.3MB
Sample

250414-gd99ea1ybx
MD5

79eec308b05540e1525c0ec760566bb8
SHA1

3669651c41161d98fa352f0c7ecb3da6ba90b6ea
SHA256

425b2febecab60a8b54a7296e304b5499c2afcccf6090cce3bb12396c35581d1
SHA512

6eb7f2968e56306a19f569d3f827851e19d0504dd83cf66629c2cf252e056251d40d97fdededc12ad81c651925a0bbb52b0a4e8571b7c15d0dadc810ef67b16c
SSDEEP

98304:HkbS4GeZk9WMOfpgu+NsFUqNEX0R/wYA0rn7jEMb:Hd4dZkFu+NsyCEX0R/w7ywMb

Score

10^/10

skuld persistence

Malware Config

Targets

- Target
  
  2025-04-14_79eec308b05540e1525c0ec760566bb8_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
- Size
  
  10.3MB
- MD5
  
  79eec308b05540e1525c0ec760566bb8
- SHA1
  
  3669651c41161d98fa352f0c7ecb3da6ba90b6ea
- SHA256
  
  425b2febecab60a8b54a7296e304b5499c2afcccf6090cce3bb12396c35581d1
- SHA512
  
  6eb7f2968e56306a19f569d3f827851e19d0504dd83cf66629c2cf252e056251d40d97fdededc12ad81c651925a0bbb52b0a4e8571b7c15d0dadc810ef67b16c
- SSDEEP
  
  98304:HkbS4GeZk9WMOfpgu+NsFUqNEX0R/wYA0rn7jEMb:Hd4dZkFu+NsyCEX0R/w7ywMb
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1