skuld | 93643f6f0cea3ea34541a532b1d5acc89bd68a31975a96a7275e2d50c5ba13d8 | Triage

Sharing

General

Target

2025-04-18_d8aa48e2d8b8bbb5fc9579866accfe00_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
Size

10.3MB
Sample

250418-2jls8azpv4
MD5

d8aa48e2d8b8bbb5fc9579866accfe00
SHA1

fb5492d7fe655199f810be4c50eea29023de8058
SHA256

93643f6f0cea3ea34541a532b1d5acc89bd68a31975a96a7275e2d50c5ba13d8
SHA512

e24985258dbe52126489e5ebd4e5b18bf55b8d58916b40deba8d5eaad1c3fe5183d6a5368cc725e228ddb89a8c01ab106f765886510ec60784b9d45cd12116ea
SSDEEP

98304:CaSL8bZv/NL61NxiEvVbE/8CERB6O5wCA0rRxEmb:Cobl/NUvVbEEfRB6O5wFMSmb

Score

10^/10

skuld persistence stealer

Malware Config

Targets

- Target
  
  2025-04-18_d8aa48e2d8b8bbb5fc9579866accfe00_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
- Size
  
  10.3MB
- MD5
  
  d8aa48e2d8b8bbb5fc9579866accfe00
- SHA1
  
  fb5492d7fe655199f810be4c50eea29023de8058
- SHA256
  
  93643f6f0cea3ea34541a532b1d5acc89bd68a31975a96a7275e2d50c5ba13d8
- SHA512
  
  e24985258dbe52126489e5ebd4e5b18bf55b8d58916b40deba8d5eaad1c3fe5183d6a5368cc725e228ddb89a8c01ab106f765886510ec60784b9d45cd12116ea
- SSDEEP
  
  98304:CaSL8bZv/NL61NxiEvVbE/8CERB6O5wCA0rRxEmb:Cobl/NUvVbEEfRB6O5wFMSmb
Score

10^/10

skuld persistence stealer
- Skuld family
  skuld
- Skuld stealer
  An info stealer written in Go lang.
  stealer skuld
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v16

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

skuldpersistencestealer

behavioral2

skuldpersistencestealer