sload | 5d992840fc8ab8dc4560ac6c9ba57f5e2770ecb1178956082f3848b84380950c | Triage

Sharing

General

Target

5d992840fc8ab8dc4560ac6c9ba57f5e2770ecb1178956082f3848b84380950c
Size

6KB
Sample

220324-3ft6vsgag5
MD5

d7c45aaa2ec4c379c3590e85efd3e27c
SHA1

182d0dd1d7e8c4797b70550c1fa26d20e691df37
SHA256

5d992840fc8ab8dc4560ac6c9ba57f5e2770ecb1178956082f3848b84380950c
SHA512

b832b5d84d581d7bc9282cdcce3752d8423e0967a786c9c54601c270e9743267d57c0de68c0e5c97f51af3d1be040b341dc04f50e12c3e6700eb11282910c217

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  5d992840fc8ab8dc4560ac6c9ba57f5e2770ecb1178956082f3848b84380950c
- Size
  
  6KB
- MD5
  
  d7c45aaa2ec4c379c3590e85efd3e27c
- SHA1
  
  182d0dd1d7e8c4797b70550c1fa26d20e691df37
- SHA256
  
  5d992840fc8ab8dc4560ac6c9ba57f5e2770ecb1178956082f3848b84380950c
- SHA512
  
  b832b5d84d581d7bc9282cdcce3752d8423e0967a786c9c54601c270e9743267d57c0de68c0e5c97f51af3d1be040b341dc04f50e12c3e6700eb11282910c217
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan