General

  • Target

    ffcf58b4d749d51adbcd3164938d59a494342e450dfd68b678788b695f25184d

  • Size

    90KB

  • Sample

    220520-rz64zsbffq

  • MD5

    2244ccd95f7f30750e5941e0be0f3ba1

  • SHA1

    d9f7abd65284a43114183e0308c1ae74b79fa140

  • SHA256

    ffcf58b4d749d51adbcd3164938d59a494342e450dfd68b678788b695f25184d

  • SHA512

    88adc979d0d47dc96df25a526d0941e613c10f0457e9fde40b2f751b10aec0fa7f83ff60dff5fe96a1b7eff74053c43cab4c19414cb429995f6a7f94356dc05f

Score
10/10

Targets

    • Target

      Fatt_cliente_00453830309.vbs

    • Size

      3KB

    • MD5

      62b3b8b5c2ceacaee5e3e22939c45a43

    • SHA1

      3a579492c1c373cb61ced3c7a88cffb13d73e1ac

    • SHA256

      77e7a4deb92496d0954a6fd03cece71dfd53bc774cfb89dc16410c91cf09f598

    • SHA512

      0b969e6f0163f22402bfb31f424ff33b8985a1406fd65936e4239b31ba1b75501cbea31bd944cd02c97d88e707e08097b83b8b258e2352b4f92286e09fac93d1

    Score
    10/10
    • sLoad

      sLoad is a PowerShell downloader that can exfiltrate system information and deliver additional payloads.

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
