General
-
Target
2025-06-03_9a3f462d8a9b6117dc2be0cf61e16681_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
-
Size
10.3MB
-
Sample
250603-pwnr5agl6x
-
MD5
9a3f462d8a9b6117dc2be0cf61e16681
-
SHA1
6da479c3fedd78e718108f5ae5e99c572ce78b5f
-
SHA256
691689aa97146290b29933e47c8a1b1cd66e1a5dbc9fad122ea64ff0eb40f624
-
SHA512
2dd6971839661bc23e3bd4ac16227ef80a176714f65fe1cac9a950cb32ebe3c18651e6f482b00aaabcefc4a47d2f718af77db070c07a4195352d803c8d122027
-
SSDEEP
98304:6lyzZx6SpXxQQ5bZKATn/8qVqgr2d29EBgDhhGB:60Zx6CXxtKATn/8qA8uBgN
Static task
static1
Behavioral task
behavioral1
Sample
2025-06-03_9a3f462d8a9b6117dc2be0cf61e16681_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch.exe
Resource
win10v2004-20250502-en
Malware Config
Extracted
skuld
https://discord.com/api/webhooks/1378709992634322944/nZXdjxkEjzOzW5okURF8HBbKvf0Yaup_y2ZlExn4z4BGoEmWbXXktqdoQK-XlvNlNoyE
Targets
Target
2025-06-03_9a3f462d8a9b6117dc2be0cf61e16681_frostygoop_knight_luca-stealer_ngrbot_poet-rat_sliver_snatch
Score
10/10
-
Skuld family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-