sload | 517d0890f443f9afc9bf3759fd6364e6408c978b613c594aeb94e1d24fef2fcc | Triage

Sharing

General

Target

517d0890f443f9afc9bf3759fd6364e6408c978b613c594aeb94e1d24fef2fcc
Size

6KB
Sample

220327-j3n4ksbeem
MD5

e23030b670693ed55a426f36a133a04c
SHA1

0d1a7a0582fd29568f6796b285bfe07d2ef783c8
SHA256

517d0890f443f9afc9bf3759fd6364e6408c978b613c594aeb94e1d24fef2fcc
SHA512

95f9756faf7957afbd4f68232d1a56d46d424b61d9d31ba99322ec45f2db944e8201ee9ea727c6639b40e423e59f8cd0aedf83dc37e1655d4286057994b1f4b8

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  517d0890f443f9afc9bf3759fd6364e6408c978b613c594aeb94e1d24fef2fcc
- Size
  
  6KB
- MD5
  
  e23030b670693ed55a426f36a133a04c
- SHA1
  
  0d1a7a0582fd29568f6796b285bfe07d2ef783c8
- SHA256
  
  517d0890f443f9afc9bf3759fd6364e6408c978b613c594aeb94e1d24fef2fcc
- SHA512
  
  95f9756faf7957afbd4f68232d1a56d46d424b61d9d31ba99322ec45f2db944e8201ee9ea727c6639b40e423e59f8cd0aedf83dc37e1655d4286057994b1f4b8
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan