Allegato_Sload_Italy_vbs (19).vbs

General

Target: Allegato_Sload_Italy_vbs (19).vbs
Size: 5KB
Sample: 201123-m56x24578n
Score: 10/10
MD5: eb5129aca7687d3de32e25cc3a0fc643
SHA1: 857d8842c0424c7f7ad3dc1b76922e26fd6b94a7
SHA256: 31b24778ec52bcc726779fe314e6711ffefb2dcaea4342c2621f908327de71ae
SHA512: 534c8ea193e21679f24cee81fbf1a84490e867f2565aedac9032337036d2a9b9509f77924e29f091ffc360077e60d3e5489d28001c5ab0c04ba89a46453bc550

Signatures

  • sLoad

    Description: sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.

  • Executes dropped EXE

  • Enumerates physical storage devices

    Description: Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

    TTPs: System Information Discovery

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10