Allegato_Sload_Italy_vbs (5).vbs

General
Target

Allegato_Sload_Italy_vbs (5).vbs

Size

6KB

Sample

201123-74ry3th6la

Score

10/10

MD5

ceff9364195f28623c0efba90dcb8acf

SHA1

15f0674a0c0f8b57642fbac23c9a46f6a2a33dca

SHA256

2d4f4f98c234ea41653f671c496f4a95efa4a74411703bf5a50fc7fac2992699

SHA512

c352be1cd6857f25df2ffb89e96abe2e889b464e3052776f27558208a2209649bedd1a10a6b30dfb9ef72d6088bb9605f906cee6a4a92e5e2fc09a8d949e5882

Signatures

  • sLoad

    Description

    sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.

  • Executes dropped EXE

  • Enumerates physical storage devices

    Description

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

    TTPs

    System Information Discovery

Tasks

  • static1

  • behavioral1: 10/10

  • behavioral2: 10/10