sload | a068043f049b5b816f6880efd88254fd00603992cfaefd005813530e95d47061 | Triage

Sharing

General

Target

Allegato_GRCPTR56P29G273X.vbs
Size

6KB
Sample

201130-hvly2vhsjs
MD5

117b47e28ec75072e0b194c62747fe96
SHA1

7a6afd4fde5ffed19dee9f039734feace7881b22
SHA256

a068043f049b5b816f6880efd88254fd00603992cfaefd005813530e95d47061
SHA512

ee098cb9c9a8585ecfa18be9b200523aab64b48ba5650629fd7a5d0923d0b86cae1d1e305a0ff187cde149a59f4450e5b7479da6dc415c8781f1ab3f2a253204

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  Allegato_GRCPTR56P29G273X.vbs
- Size
  
  6KB
- MD5
  
  117b47e28ec75072e0b194c62747fe96
- SHA1
  
  7a6afd4fde5ffed19dee9f039734feace7881b22
- SHA256
  
  a068043f049b5b816f6880efd88254fd00603992cfaefd005813530e95d47061
- SHA512
  
  ee098cb9c9a8585ecfa18be9b200523aab64b48ba5650629fd7a5d0923d0b86cae1d1e305a0ff187cde149a59f4450e5b7479da6dc415c8781f1ab3f2a253204
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Executes dropped EXE
- Enumerates physical storage devices
  Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan