sload | 189c235e1d8e1cd2bf2ad530c774a3004872956729b475edd53f0397b81c0806 | Triage

Sharing

General

Target

Allegato_Sload_Italy_vbs (20).vbs
Size

7KB
Sample

201123-5h9cfn9wsn
MD5

764c02c19ff5e5813528991248c34d08
SHA1

d6c3be949a077865c84ae819265bf3a8acf4115f
SHA256

189c235e1d8e1cd2bf2ad530c774a3004872956729b475edd53f0397b81c0806
SHA512

77ab15c84a2472f65ff4966ef57b5ff85732e4c42158ed262a24bf64a874a89581ae16b24959c175230bc0e4933d4bff0f7921190ebfa9ff30a277e2cd8224f9

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  Allegato_Sload_Italy_vbs (20).vbs
- Size
  
  7KB
- MD5
  
  764c02c19ff5e5813528991248c34d08
- SHA1
  
  d6c3be949a077865c84ae819265bf3a8acf4115f
- SHA256
  
  189c235e1d8e1cd2bf2ad530c774a3004872956729b475edd53f0397b81c0806
- SHA512
  
  77ab15c84a2472f65ff4966ef57b5ff85732e4c42158ed262a24bf64a874a89581ae16b24959c175230bc0e4933d4bff0f7921190ebfa9ff30a277e2cd8224f9
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Executes dropped EXE
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan