sload | c069b74525aa61709da74c75a8687ad61c8556e4c8bcd0c0a8010c25a9fe6e52 | Triage

Sharing

General

Target

c069b74525aa61709da74c75a8687ad61c8556e4c8bcd0c0a8010c25a9fe6e52
Size

6KB
Sample

220328-bqys9afec6
MD5

11f6b0f1a90680ea7f7d57b68ff305ee
SHA1

b1793a0401e017b90f8dea32bdf4d27c1af82fae
SHA256

c069b74525aa61709da74c75a8687ad61c8556e4c8bcd0c0a8010c25a9fe6e52
SHA512

69f219dc9b61146447850a802c31bbaf10f2b8624418dcf12bfdfcf6bf116c5d68c1d2fea79f3f4afa533b9f0134c7d911863a3d61816aecab58a1b4e1950e7a

Score

10^/10

sload stealer trojan

Malware Config

Targets

- Target
  
  c069b74525aa61709da74c75a8687ad61c8556e4c8bcd0c0a8010c25a9fe6e52
- Size
  
  6KB
- MD5
  
  11f6b0f1a90680ea7f7d57b68ff305ee
- SHA1
  
  b1793a0401e017b90f8dea32bdf4d27c1af82fae
- SHA256
  
  c069b74525aa61709da74c75a8687ad61c8556e4c8bcd0c0a8010c25a9fe6e52
- SHA512
  
  69f219dc9b61146447850a802c31bbaf10f2b8624418dcf12bfdfcf6bf116c5d68c1d2fea79f3f4afa533b9f0134c7d911863a3d61816aecab58a1b4e1950e7a
Score

10^/10

sload stealer trojan
- sLoad
  sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.
  trojan stealer sload
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

sloadstealertrojan

behavioral2

sloadstealertrojan