sload | 2d4f4f98c234ea41653f671c496f4a95efa4a74411703bf5a50fc7fac2992699 | Triage

Sharing

General

Target

Allegato_Sload_Italy_vbs (5).vbs
Size

6KB
Sample

201123-74ry3th6la
MD5

ceff9364195f28623c0efba90dcb8acf
SHA1

15f0674a0c0f8b57642fbac23c9a46f6a2a33dca
SHA256

2d4f4f98c234ea41653f671c496f4a95efa4a74411703bf5a50fc7fac2992699
SHA512

c352be1cd6857f25df2ffb89e96abe2e889b464e3052776f27558208a2209649bedd1a10a6b30dfb9ef72d6088bb9605f906cee6a4a92e5e2fc09a8d949e5882

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  Allegato_Sload_Italy_vbs (5).vbs
- Size
  
  6KB
- MD5
  
  ceff9364195f28623c0efba90dcb8acf
- SHA1
  
  15f0674a0c0f8b57642fbac23c9a46f6a2a33dca
- SHA256
  
  2d4f4f98c234ea41653f671c496f4a95efa4a74411703bf5a50fc7fac2992699
- SHA512
  
  c352be1cd6857f25df2ffb89e96abe2e889b464e3052776f27558208a2209649bedd1a10a6b30dfb9ef72d6088bb9605f906cee6a4a92e5e2fc09a8d949e5882
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Executes dropped EXE
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan