HexaLocker V2: Skuld Stealer Paving the Way prior to Encryption
Common Information
Type | Value |
---|---|
UUID | 16260d83-7074-46a1-ac8b-ef28855e315c |
Fingerprint | 9eb6bc98625faed1 |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Jan. 9, 2025, 1:15 p.m. |
Added to db | Jan. 9, 2025, 2:17 p.m. |
Last updated | Jan. 19, 2025, 3:26 a.m. |
Headline | HexaLocker V2: Skuld Stealer Paving the Way prior to Encryption |
Title | HexaLocker V2: Skuld Stealer Paving the Way prior to Encryption |
Detected Hints/Tags/Attributes | 99/1/29 |
Source URLs
URL Provider
RSS Feed
Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|
158 | ✔ | Malware Analysis, News and Indicators - Latest topics | https://malware.news/latest.rss | 2024-08-30 22:08 |
Attributes
Type | #Events | CTI | Value |
---|---|---|---|
Domain | 4 | | hexalocker.xyz |
Domain | 36 | | www.trellix.com |
Domain | 15 | | www.synacktiv.com |
Domain | 94 | | cyble.com |
File | 12 | | myapp.exe |
File | 111 | | upload.php |
File | 5 | | receive.php |
File | 2 | | lapsus-is-dead-long-live-hexalocker.html |
sha256 | 3 | | 8b347bb90c9135c185040ef5fdb87eb5cca821060f716755471a637c350988d8 |
sha256 | 3 | | 0347aa0b42253ed46fdb4b95e7ffafa40ba5e249dfb5c8c09119f327a1b4795a |
sha256 | 3 | | 28c1ec286b178fe06448b25790ae4a0f60ea1647a4bb53fb2ee7de506333b960 |
sha256 | 3 | | d0d8df16331b16f9437c0b488d5a89a4c2f09a84dec4da4bc13eab15aded2e05 |
MITRE ATT&CK Techniques | 418 | | T1204.002 |
MITRE ATT&CK Techniques | 447 | | T1547.001 |
MITRE ATT&CK Techniques | 541 | | T1140 |
MITRE ATT&CK Techniques | 643 | | T1083 |
MITRE ATT&CK Techniques | 536 | | T1486 |
MITRE ATT&CK Techniques | 138 | | T1555.003 |
MITRE ATT&CK Techniques | 109 | | T1539 |
MITRE ATT&CK Techniques | 128 | | T1560.001 |
MITRE ATT&CK Techniques | 470 | | T1041 |
Url | 4 | | https://hexalocker.xyz/sgdysre67t43tvd6e5rd.exe |
Url | 3 | | https://hexalocker.xyz/upload.php |
Url | 4 | | https://hexalocker.xyz/receive.php |
Url | 2 | | https://hexalocker.xyz/index.php |
Url | 2 | | https://www.trellix.com/en-in/blogs/research/skuld-the-infostealer-that-speaks-golang |
Url | 2 | | https://www.synacktiv.com/publications/lapsus-is-dead-long-live-hexalocker.html |
Url | 1 | | https://cyble.com/blog/hexalocker-v2-being-proliferated-by-skuld-stealer |
Windows Registry Key | 203 | | HKCU\Software\Microsoft\Windows\CurrentVersion\Run |