ioc[.]one - OSINT Cyber Threat Intelligence Database

Skuld: The Infostealer that Speaks Golang

Tags

attack-pattern:

Data Ip Addresses - T1590.005 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Social Media - T1593.001 Social Media Accounts - T1585.001 Social Media Accounts - T1586.001 Software - T1592.002 Web Service - T1481 Tool - T1588.002 Vulnerabilities - T1588.006 Web Service - T1102

Show in Graph

Common Information

Type	Value
UUID	ab5aaa9f-d620-4d13-9fc9-b9011129353e
Fingerprint	8c365c984cf7aec6
Analysis status	DONE
Considered CTI value	2
Text language
Published	June 13, 2023, midnight
Added to db	Oct. 24, 2023, 1:20 p.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	Blogs
Title	Skuld: The Infostealer that Speaks Golang
Detected Hints/Tags/Attributes	77/1/59

Source URLs

	Redirection	Url
Details	Source	https://www.trellix.com/about/newsroom/stories/research/skuld-the-infostealer-that-speaks-golang/
Details	Redirection	https://www.trellix.com/en-us/about/newsroom/stories/research/skuld-the-infostealer-that-speaks-golang.html

URL Provider

Details	Provider	Source level domain
Details	trellix.com	www.trellix.com

Attributes

Details	Type	#Events	Value
Details	Domain	1	browsers.zip
Details	Domain	1	cdn.albumoftheyear.org
Details	Domain	4	avatars.githubusercontent.com
Details	Domain	6	api.gofile.io
Details	Domain	26	gofile.io
Details	Domain	4127	github.com
Details	Domain	1	deathined.carrd.co
Details	Domain	7	www.tumblr.com
Details	Domain	1	trojan.ug
Details	Domain	27	trojan.win
Details	Domain	41	discord.com
Details	File	1	%appdata%\discordtokenprotector\discordtokenprotector.exe
Details	File	1	%appdata%\discordtokenprotector\protectionpayload.dll
Details	File	1	%appdata%\discordtokenprotector\secure.dat
Details	File	1	%appdata%\discordtokenprotector\config.json
Details	File	1	browsers.zip
Details	File	1	shakabaiano_1674282487.jpg
Details	File	1	footer.ico
Details	File	11	www.tum
Details	Github username	2	u
Details	Github username	1	deathined
Details	sha256	1	4c0af2782e7e02aba3cc182eb485bdd30f22707a7669cf6609e2619bf4f54b2d
Details	sha256	1	421a57666d85b8c956634528ca128283a13c4cb0730d3d498b4658b3ea4b3015
Details	sha256	1	332911747cb1e808562b431b0519bed11fd844fd7a50fce37d8b4fe5daa7b235
Details	sha256	1	2b5bce8623468a2e58c6cc817c1556dd1ef69cb184083a2d8d68a1bb78cbc2d2
Details	sha256	1	20c53166133e5bc0a6dad39ba6a754a878c04c2697400b98cfb0fa5fe2f8b06d
Details	sha256	1	13c25ddbaed8579a764b143446a4c2910b5605c78951416f303f000133e56b26
Details	sha256	1	fefd9249dbafebc5c7717413a63cc9945eee4006d85fc77b4b4e10587e30aaa7
Details	sha256	1	f8e2c18619f3701542add6f8f822e3d7957b41918d1a1bc03e80622e92afdc41
Details	sha256	1	f7514b93fd3ee6d4df231f2eed022a98d98a518b9ff23c960845d2dd215d4694
Details	sha256	1	dee98d99f9f2915dc8ed7e46606e88f84432232dd329e0283b3ce4e45f54aae4
Details	sha256	1	d98d61496600aadf95235e81c54752c3ddcd1ea3a40ba9eb8978b27f9638f7ee
Details	sha256	1	d3ed2f5e3568fb77600894b49da9343243dc468d9aa661b4fcba60540445f3ec
Details	sha256	1	d29e69c321d2c5f2e0b4e284b9fb399a4b7bf4628916075ab9039be895660626
Details	sha256	1	d11efad7ebe520ccc9f682003d76ebfabd5d18b746a801fefbf04317f7ae7505
Details	sha256	1	bfb57e149903bc7c75cbe1dd57bbee030bdfadb6023db37bb2fe163e4bc06bd4
Details	sha256	1	bea3b5a31d10069bb70561568349a54582564c21d2a835f65073d6f1d8662eec
Details	sha256	1	bdcdd076ccc5f73db7f93dbc298fc48147a04b755fc12fda872d11c6857b512f
Details	sha256	1	b8ea26cc228123ecb77b46d325f0ec34dd5c9b37e3e4ec492a4bf51840218025
Details	sha256	1	b786df58db15f749ca922db966741711859616683b8a64390d221fb3af01493c
Details	sha256	1	b31290a1b14884b1ac2bb00aff079ac365857cbc94a489a5d361f9e140a54dff
Details	sha256	1	a211d8ee2767c83de94cc2b4e07838dd1ea6397ecde15fe0ed3211fe7959eb69
Details	sha256	1	9b6705f27d0d77b766ed5d6267a8b9992081a7aa9c1dc2526c524bdf10bd7204
Details	sha256	1	848f0f411cad90e6c7b6e64b27ffb25c81c6bf065c1cd0f9cc2ca413867bc96a
Details	sha256	1	7ca99ab7123d955e31b001e930231ddfe437b63890263b984454538b0ab47135
Details	sha256	1	65ae55466beec02a40c9df750a9a08f44b809137437e20eeeaa30fd7532ea37b
Details	sha256	1	5dfe60670571378e6ddfaeb30804d5bd4a254edde4269e75afb4b6ce8995d582
Details	Url	1	https://cdn.albumoftheyear.org/user/shakabaiano_1674282487.jpg
Details	Url	1	https://avatars.githubusercontent.com/u/131692814?v=4
Details	Url	3	https://api.gofile.io/getserver
Details	Url	1	https://github.com/deathined
Details	Url	1	https://deathined.carrd.co
Details	Url	1	https://www.tumblr.com/meijki
Details	Url	2	https://discord.com/api/webhooks
Details	Url	1	https://discord.com/api/webhooks/1101151106052145214/biahrwzwkurp1ifntfi0s-nv_adpu3l7cthkzgsoxnh0xwihqpjx2fdzd9kb7bdnyqi7
Details	Url	1	https://discord.com/api/webhooks/963128514779959316/ruqcivo-izgewvxfydiitm7yczbyrnmau55fnfdc4inodqbx2o3dsojakc1lgof9ytaf
Details	Url	1	https://discord.com/api/webhooks/1101120631296237639/mesrimsa71vt7vf_chsukzwpqebkibck1y1gikucoc360zh8eutmjqkmdsmb-lgaqbjw
Details	Windows Registry Key	3	HKLM\SYSTEM\ControlSet001\Control\Class
Details	Windows Registry Key	1	HKLM\SYSTEM\CurrentControlSet\Services\Disk\Enum\0