sload | 31b24778ec52bcc726779fe314e6711ffefb2dcaea4342c2621f908327de71ae | Triage

Sharing

General

Target

Allegato_Sload_Italy_vbs (19).vbs
Size

5KB
Sample

201123-m56x24578n
MD5

eb5129aca7687d3de32e25cc3a0fc643
SHA1

857d8842c0424c7f7ad3dc1b76922e26fd6b94a7
SHA256

31b24778ec52bcc726779fe314e6711ffefb2dcaea4342c2621f908327de71ae
SHA512

534c8ea193e21679f24cee81fbf1a84490e867f2565aedac9032337036d2a9b9509f77924e29f091ffc360077e60d3e5489d28001c5ab0c04ba89a46453bc550

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  Allegato_Sload_Italy_vbs (19).vbs
- Size
  
  5KB
- MD5
  
  eb5129aca7687d3de32e25cc3a0fc643
- SHA1
  
  857d8842c0424c7f7ad3dc1b76922e26fd6b94a7
- SHA256
  
  31b24778ec52bcc726779fe314e6711ffefb2dcaea4342c2621f908327de71ae
- SHA512
  
  534c8ea193e21679f24cee81fbf1a84490e867f2565aedac9032337036d2a9b9509f77924e29f091ffc360077e60d3e5489d28001c5ab0c04ba89a46453bc550
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Executes dropped EXE
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan