Allegato_GRCPTR56P29G273X.vbs

General

Target: Allegato_GRCPTR56P29G273X.vbs
Size: 6KB
Sample: 201130-hvly2vhsjs
Score: 10/10
MD5: 117b47e28ec75072e0b194c62747fe96
SHA1: 7a6afd4fde5ffed19dee9f039734feace7881b22
SHA256: a068043f049b5b816f6880efd88254fd00603992cfaefd005813530e95d47061
SHA512: ee098cb9c9a8585ecfa18be9b200523aab64b48ba5650629fd7a5d0923d0b86cae1d1e305a0ff187cde149a59f4450e5b7479da6dc415c8781f1ab3f2a253204

The filename is consistent with an e-mail attachment lure: "Allegato" is Italian for "attachment", and the suffix GRCPTR56P29G273X has the 16-character shape of an Italian codice fiscale (personal tax code), which makes a script attachment look like a document addressed to a specific recipient.

Malware Config

Targets

Target: Allegato_GRCPTR56P29G273X.vbs
Filesize: 6KB
Score: 10/10
MD5 / SHA1 / SHA256 / SHA512: as listed under General above

Signatures

  • sLoad

    Description

    sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.

  • Executes dropped EXE

  • Enumerates physical storage devices

    Description

    Attempts to interact with connected storage/optical drive(s). Likely ransomware behaviour.

    Note: "likely ransomware" is the generic wording attached to this signature. For a downloader such as sLoad, enumerating drives fits the system-information gathering described in the sLoad signature above, and the TTP mapping records it as discovery rather than impact.

    TTPs

    System Information Discovery
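The three signatures above (a VBS attachment that spawns a PowerShell stager, a dropped EXE being executed, and drive enumeration) map onto host telemetry that a SOC can match on. The following is an added example, not part of the Triage report: it runs simple detection logic over a handful of constructed Sysmon process-creation and PowerShell script-block events, and checks a file's hashes against the IOCs in the report header. The event schema, the sample events and every command line below are constructed for illustration; only the hashes come from the page.

```python
"""Detection logic for the behaviours flagged in this report, run over
constructed host events. Added example; not code from the sandbox report."""
import hashlib
import re

# Hashes of Allegato_GRCPTR56P29G273X.vbs as listed in the report header.
KNOWN_BAD = {
    "md5": "117b47e28ec75072e0b194c62747fe96",
    "sha1": "7a6afd4fde5ffed19dee9f039734feace7881b22",
    "sha256": "a068043f049b5b816f6880efd88254fd00603992cfaefd005813530e95d47061",
}

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}
# Flags and cmdlets typical of a PowerShell stager: hidden window, encoded
# command, no profile, in-memory download, BITS transfer.
PS_STAGER = re.compile(
    r"(?i)(-w(indowstyle)?\s+hidden|-e(nc|ncodedcommand)?\s|-nop\b|-noni\b|"
    r"downloadstring|downloadfile|start-bitstransfer|invoke-webrequest|iex\b)"
)
# WMI classes a script touches when it enumerates fixed/removable/optical drives.
WMI_DRIVES = re.compile(r"(?i)win32_(logicaldisk|diskdrive|cdromdrive|volume)")
# User-writable directories a dropped executable is typically run from.
DROP_DIRS = re.compile(r"(?i)\\(appdata\\(local|roaming)|temp|public|programdata)\\")


def hashes(data: bytes) -> dict:
    """MD5/SHA-1/SHA-256 of a blob, keyed like KNOWN_BAD."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in KNOWN_BAD}


def matches_known_sample(data: bytes) -> bool:
    """True when any hash of `data` equals the report's IOC for that algorithm."""
    h = hashes(data)
    return any(h[algo] == KNOWN_BAD[algo] for algo in KNOWN_BAD)


def _base(path: str) -> str:
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()


def classify(ev: dict) -> list:
    """Return the behaviour labels one event triggers (empty list = nothing seen)."""
    found = []
    if ev.get("type") == "ProcessCreate":
        parent, image = _base(ev.get("ParentImage", "")), _base(ev.get("Image", ""))
        if parent in SCRIPT_HOSTS and image in POWERSHELL:
            found.append("script_host_spawns_powershell")
            if PS_STAGER.search(ev.get("CommandLine", "")):
                found.append("powershell_stager_flags")
        # "Executes dropped EXE": a script host or PowerShell starting a binary
        # that lives in a user-writable drop directory.
        if parent in SCRIPT_HOSTS | POWERSHELL and image.endswith(".exe") \
                and DROP_DIRS.search(ev.get("Image", "")):
            found.append("executes_dropped_exe")
    elif ev.get("type") == "ScriptBlock":
        if WMI_DRIVES.search(ev.get("ScriptBlockText", "")):
            found.append("enumerates_storage_devices")
    return found


def triage(events: list) -> dict:
    """Aggregate labels across a host's events, keyed by label -> event ids."""
    hits = {}
    for ev in events:
        for label in classify(ev):
            hits.setdefault(label, []).append(ev.get("id"))
    return hits


# Constructed events approximating Sysmon event 1 and PowerShell 4104 records;
# the command lines are illustrative and are not taken from the sample.
SAMPLE_EVENTS = [
    {"id": 1, "type": "ProcessCreate",
     "ParentImage": r"C:\Windows\System32\wscript.exe",
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell -nop -w hidden -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoA..."},
    {"id": 2, "type": "ScriptBlock",
     "ScriptBlockText": "Get-WmiObject Win32_LogicalDisk | Select DeviceID,DriveType"},
    {"id": 3, "type": "ProcessCreate",
     "ParentImage": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "Image": r"C:\Users\u\AppData\Roaming\update.exe", "CommandLine": "update.exe"},
    {"id": 4, "type": "ProcessCreate",
     "ParentImage": r"C:\Windows\explorer.exe",
     "Image": r"C:\Windows\System32\notepad.exe", "CommandLine": "notepad.exe"},
]

if __name__ == "__main__":
    for label, ids in sorted(triage(SAMPLE_EVENTS).items()):
        print(f"{label}: events {ids}")
```

The parent/child check is the part that carries weight: wscript.exe or cscript.exe spawning PowerShell is rare in normal user activity, and the stager-flag regex only narrows it further. Drive enumeration on its own (event 2) is too common to alert on in isolation, which is also why the "likely ransomware" wording of that signature should be read as a generic heuristic rather than a verdict.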

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation (only the column headers survived extraction; the single technique mapped in Signatures is System Information Discovery, T1082, under the Discovery tactic)

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10